upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-10 04:20:00 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

use a standard CLEANUP macro

Browse source 
CLEANUP is a macro similar to CHECK but unconditional, jumping
to cleanup even if the result is ISC_R_SUCCESS. It is now used
in place of DST_RET, CLEANUP_WITH, and CHECK(<non-success constant>).
This commit is contained in:
Evan Hunt 2025-10-16 15:05:01 -07:00
parent 1d83601c58
commit d4ebea1037
52 changed files with 493 additions and 518 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
bin/check/named-checkconf.c
View file

@ -497,7 +497,7 @@ load_zones_fromconfig(const cfg_obj_t *config, bool list_zones) {
}
if (dns_rdataclass_ismeta(viewclass)) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
dns_rdataclass_format(viewclass, buf, sizeof(buf));
@ -683,7 +683,7 @@ main(int argc, char **argv) {
fprintf(stderr, "%s: unhandled option -%c\n",
isc_commandline_progname,
isc_commandline_option);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
}
@ -695,12 +695,12 @@ main(int argc, char **argv) {
if (((flags & CFG_PRINTER_XKEY) != 0) && !print) {
fprintf(stderr, "%s: -x cannot be used without -p\n",
isc_commandline_progname);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
if (print && list_zones) {
fprintf(stderr, "%s: -l cannot be used with -p\n",
isc_commandline_progname);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
if (isc_commandline_index + 1 < argc) {

14
bin/delv/delv.c
View file

@ -676,7 +676,7 @@ key_fromconfig(const cfg_obj_t *key, dns_client_t *client, dns_view_t *toview) {
delv_log(ISC_LOG_ERROR,
"key '%s': invalid initialization method '%s'",
keynamestr, atstr);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
}
@ -684,13 +684,13 @@ key_fromconfig(const cfg_obj_t *key, dns_client_t *client, dns_view_t *toview) {
isc_buffer_init(&rrdatabuf, rrdata, sizeof(rrdata));
if (rdata1 > 0xffff) {
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
if (rdata2 > 0xff) {
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
if (rdata3 > 0xff) {
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
switch (anchortype) {
@ -741,17 +741,17 @@ key_fromconfig(const cfg_obj_t *key, dns_client_t *client, dns_view_t *toview) {
switch (ds.digest_type) {
case DNS_DSDIGEST_SHA1:
if (r.length != ISC_SHA1_DIGESTLENGTH) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
break;
case DNS_DSDIGEST_SHA256:
if (r.length != ISC_SHA256_DIGESTLENGTH) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
break;
case DNS_DSDIGEST_SHA384:
if (r.length != ISC_SHA384_DIGESTLENGTH) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
break;
}

2
bin/dig/dighost.c
View file

@ -850,7 +850,7 @@ setup_text_key(void) {
secretsize = isc_buffer_usedlength(&secretbuf);
if (hmac_alg == DST_ALG_UNKNOWN) {
CHECK(DST_R_UNSUPPORTEDALG);
CLEANUP(DST_R_UNSUPPORTEDALG);
}
CHECK(dns_name_fromtext(keyname, namebuf, dns_rootname, 0));

2
bin/dnssec/dnssec-ksr.c
View file

@ -93,7 +93,7 @@ static int min_dh = 128;
#define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token))
#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN)
#define BADTOKEN() CLEANUP(ISC_R_UNEXPECTEDTOKEN)
isc_bufferlist_t cleanup_list = ISC_LIST_INITIALIZER;

4
bin/named/builtin.c
View file

@ -1156,13 +1156,13 @@ create(isc_mem_t *mctx, const dns_name_t *origin, dns_dbtype_t type,
if (needargs) {
if (argc != 3) {
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
}
bdb->server = isc_mem_strdup(isc_g_mctx, argv[1]);
bdb->contact = isc_mem_strdup(isc_g_mctx, argv[2]);
} else if (argc != 1) {
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
}
bdb->common.magic = DNS_DB_MAGIC;

2
bin/named/control.c
View file

@ -124,7 +124,7 @@ named_control_docommand(isccc_sexpr_t *message, bool readonly,
"rejecting restricted control channel "
"command '%s'",
cmdline);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_CONTROL,

16
bin/named/controlconf.c
View file

@ -442,12 +442,12 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result,
}
if (!match) {
CHECK(ISCCC_R_BADAUTH);
CLEANUP(ISCCC_R_BADAUTH);
}
/* We shouldn't be getting a reply. */
if (isccc_cc_isreply(conn->request)) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
conn->now = isc_stdtime_now();
@ -457,17 +457,17 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result,
*/
conn->ctrl = isccc_alist_lookup(conn->request, "_ctrl");
if (!isccc_alist_alistp(conn->ctrl)) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
if (isccc_cc_lookupuint32(conn->ctrl, "_tim", &sent) == ISC_R_SUCCESS) {
if ((sent + CLOCKSKEW) < conn->now ||
(sent - CLOCKSKEW) > conn->now)
{
CHECK(DNS_R_CLOCKSKEW);
CLEANUP(DNS_R_CLOCKSKEW);
}
} else {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
/*
@ -476,7 +476,7 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result,
if (isccc_cc_lookupuint32(conn->ctrl, "_exp", &exp) == ISC_R_SUCCESS &&
conn->now > exp)
{
CHECK(DNS_R_EXPIRED);
CLEANUP(DNS_R_EXPIRED);
}
/*
@ -499,7 +499,7 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result,
ISC_R_SUCCESS ||
conn->nonce != nonce))
{
CHECK(ISCCC_R_BADAUTH);
CLEANUP(ISCCC_R_BADAUTH);
}
isc_buffer_allocate(listener->mctx, &conn->text, 2 * 2048);
@ -1076,7 +1076,7 @@ add_listener(named_controls_t *cp, controllistener_t **listenerp,
if ((pf == AF_INET && isc_net_probeipv4() != ISC_R_SUCCESS) ||
(pf == AF_INET6 && isc_net_probeipv6() != ISC_R_SUCCESS))
{
CHECK(ISC_R_FAMILYNOSUPPORT);
CLEANUP(ISC_R_FAMILYNOSUPPORT);
}
CHECK(isc_nm_listentcp(ISC_NM_LISTEN_ONE, &listener->address,

178
bin/named/server.c
View file

@ -711,7 +711,7 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp,
"key '%s': "
"invalid initialization method '%s'",
namestr, atstr);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
}
@ -763,7 +763,7 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp,
keystruct.algorithm, keystruct.data, keystruct.datalen);
if (!dst_algorithm_supported(algorithm)) {
CHECK(DST_R_UNSUPPORTEDALG);
CLEANUP(DST_R_UNSUPPORTEDALG);
}
CHECK(dns_rdata_fromstruct(&rdata, keystruct.common.rdclass,
@ -796,30 +796,30 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp,
switch (ds->digest_type) {
case DNS_DSDIGEST_SHA1:
if (r.length != ISC_SHA1_DIGESTLENGTH) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
break;
case DNS_DSDIGEST_SHA256:
if (r.length != ISC_SHA256_DIGESTLENGTH) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
break;
case DNS_DSDIGEST_SHA384:
if (r.length != ISC_SHA384_DIGESTLENGTH) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
break;
#if defined(DNS_DSDIGEST_SHA256PRIVATE)
case DNS_DSDIGEST_SHA256PRIVATE:
if (r.length < ISC_SHA256_DIGESTLENGTH) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
break;
#endif
#if defined(DNS_DSDIGEST_SHA384PRIVATE)
case DNS_DSDIGEST_SHA384PRIVATE:
if (r.length < ISC_SHA384_DIGESTLENGTH) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
break;
#endif
@ -828,12 +828,12 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp,
"key '%s': "
"unknown ds digest type %u",
namestr, ds->digest_type);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
break;
}
if (r.length > digest_len) {
CHECK(ISC_R_NOSPACE);
CLEANUP(ISC_R_NOSPACE);
}
ds->length = r.length;
ds->digest = digest;
@ -872,7 +872,7 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp,
}
#endif
if (!dst_algorithm_supported(algorithm)) {
CHECK(DST_R_UNSUPPORTEDALG);
CLEANUP(DST_R_UNSUPPORTEDALG);
}
break;
@ -1145,7 +1145,7 @@ configure_view_dnsseckeys(dns_view_t *view, const cfg_obj_t *vconfig,
isc_log_write(DNS_LOGCATEGORY_SECURITY,
NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR,
"root key not loaded");
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
}
@ -1176,7 +1176,7 @@ configure_view_dnsseckeys(dns_view_t *view, const cfg_obj_t *vconfig,
"managed-keys-directory '%s' "
"is not writable",
directory);
CHECK(ISC_R_NOPERM);
CLEANUP(ISC_R_NOPERM);
}
}
@ -1674,7 +1674,7 @@ check_dbtype(dns_zone_t *zone, unsigned int dbtypec, const char **dbargv,
*/
for (i = 0; i < dbtypec; i++) {
if (argv[i] == NULL || strcmp(argv[i], dbargv[i]) != 0) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
}
@ -2368,7 +2368,7 @@ catz_addmodzone_cb(void *arg) {
}
CHECK(cfg_map_get(zoneconf, "zone", &zlist));
if (!cfg_obj_islist(zlist)) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
/* For now we only support adding one zone at a time */
@ -2637,7 +2637,7 @@ catz_reconfigure(dns_catz_entry_t *entry, void *arg1, void *arg2) {
CHECK(cfg_map_get(zoneconf, "zone", &zlist));
if (!cfg_obj_islist(zlist)) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
zoneobj = cfg_listelt_value(cfg_list_first(zlist));
@ -3781,7 +3781,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config,
"rpz '%s' is not a primary or a "
"secondary zone",
namebuf);
CHECK(ISC_R_NOTFOUND);
CLEANUP(ISC_R_NOTFOUND);
}
}
}
@ -4310,7 +4310,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config,
if (dispatch4 == NULL && dispatch6 == NULL) {
UNEXPECTED_ERROR("unable to obtain either an IPv4 or"
" an IPv6 dispatch");
CHECK(ISC_R_UNEXPECTED);
CLEANUP(ISC_R_UNEXPECTED);
}
CHECK(dns_view_createresolver(view, resopts, tlsctx_client_cache,
@ -5793,7 +5793,7 @@ get_viewinfo(const cfg_obj_t *vconfig, const char **namep,
NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR,
"view '%s': class must not be meta",
viewname);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
} else {
viewname = "_default";
@ -5963,7 +5963,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig,
ISC_LOG_ERROR,
"zone '%s': wrong class for view '%s'", zname,
vname);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
(void)cfg_map_get(zoptions, "in-view", &viewobj);
@ -5975,7 +5975,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig,
cfg_obj_log(zconfig, ISC_LOG_ERROR,
"'in-view' option is not permitted in "
"dynamically added zones");
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
result = dns_viewlist_find(viewlist, inview, view->rdclass,
@ -5983,7 +5983,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig,
if (result != ISC_R_SUCCESS) {
cfg_obj_log(zconfig, ISC_LOG_ERROR,
"view '%s' is not yet defined.", inview);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
result = dns_view_findzone(otherview, origin, DNS_ZTFIND_EXACT,
@ -5993,7 +5993,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig,
cfg_obj_log(zconfig, ISC_LOG_ERROR,
"zone '%s' not defined in view '%s'", zname,
inview);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
CHECK(dns_view_addzone(view, zone));
@ -6020,7 +6020,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig,
if (typeobj == NULL) {
cfg_obj_log(zconfig, ISC_LOG_ERROR,
"zone '%s' 'type' not specified", zname);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
ztypestr = cfg_obj_asstring(typeobj);
@ -6036,7 +6036,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig,
isc_log_write(NAMED_LOGCATEGORY_GENERAL,
NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR,
"zone '%s': 'file' not specified", zname);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
if (dns_name_equal(origin, dns_rootname)) {
const char *hintsfile = cfg_obj_asstring(fileobj);
@ -6077,7 +6077,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig,
if (view->redirect != NULL) {
cfg_obj_log(zconfig, ISC_LOG_ERROR,
"redirect zone already exists");
CHECK(ISC_R_EXISTS);
CLEANUP(ISC_R_EXISTS);
}
result = dns_viewlist_find(viewlist, view->name, view->rdclass,
&pview);
@ -6116,7 +6116,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig,
cfg_obj_log(zconfig, ISC_LOG_ERROR,
"zone '%s' already exists", zname);
dns_zone_detach(&dupzone);
CHECK(ISC_R_EXISTS);
CLEANUP(ISC_R_EXISTS);
}
INSIST(dupzone == NULL);
}
@ -6827,7 +6827,7 @@ generate_session_key(const char *filename, const char *keynamestr,
if (fp == NULL) {
isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_SERVER,
ISC_LOG_ERROR, "could not create %s", filename);
CHECK(ISC_R_NOPERM);
CLEANUP(ISC_R_NOPERM);
}
fprintf(fp,
@ -12085,7 +12085,7 @@ nzf_writeconf(const cfg_obj_t *config, dns_view_t *view) {
cfg_map_get(config, "zone", &zl);
if (!cfg_obj_islist(zl)) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
list = UNCONST(&zl->value.list);
@ -12192,7 +12192,7 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone,
"Error deleting zone %s "
"from NZD database: %s",
namebuf, mdb_strerror(status));
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
} else if (status != MDB_NOTFOUND) {
commit = true;
}
@ -12206,7 +12206,7 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone,
NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR,
"Unable to get options from config in "
"nzd_save()");
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
dzarg.magic = DZARG_MAGIC;
@ -12232,7 +12232,7 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone,
"Error inserting zone in "
"NZD database: %s",
mdb_strerror(status));
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
commit = true;
@ -12394,7 +12394,7 @@ nzd_env_reopen(dns_view_t *view) {
isc_log_write(DNS_LOGCATEGORY_GENERAL, ISC_LOGMODULE_OTHER,
ISC_LOG_ERROR, "mdb_env_create failed: %s",
mdb_strerror(status));
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
if (view->newzone.mapsize != 0ULL) {
@ -12404,7 +12404,7 @@ nzd_env_reopen(dns_view_t *view) {
ISC_LOGMODULE_OTHER, ISC_LOG_ERROR,
"mdb_env_set_mapsize failed: %s",
mdb_strerror(status));
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
}
@ -12413,7 +12413,7 @@ nzd_env_reopen(dns_view_t *view) {
isc_log_write(DNS_LOGCATEGORY_GENERAL, ISC_LOGMODULE_OTHER,
ISC_LOG_ERROR, "mdb_env_open of '%s' failed: %s",
view->newzone.db, mdb_strerror(status));
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
view->newzone.dbenv = env;
@ -12508,7 +12508,7 @@ load_nzf(dns_view_t *view) {
zonelist = NULL;
CHECK(cfg_map_get(nzf_config, "zone", &zonelist));
if (!cfg_obj_islist(zonelist)) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
CHECK(nzd_open(view, 0, &txn, &dbi));
@ -12526,7 +12526,7 @@ load_nzf(dns_view_t *view) {
origin = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
if (origin == NULL) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
/* Normalize zone name */
@ -12542,7 +12542,7 @@ load_nzf(dns_view_t *view) {
zoptions = cfg_tuple_get(zconfig, "options");
if (zoptions == NULL) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
isc_buffer_clear(text);
@ -12569,7 +12569,7 @@ load_nzf(dns_view_t *view) {
"Error inserting zone in "
"NZD database: %s",
mdb_strerror(status));
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
commit = true;
@ -12652,7 +12652,7 @@ newzone_parse(named_server_t *server, char *command, dns_view_t **viewp,
CHECK(cfg_map_get(zoneconf, "zone", &zlist));
if (!cfg_obj_islist(zlist)) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
/* For now we only support adding one zone at a time */
@ -12668,14 +12668,14 @@ newzone_parse(named_server_t *server, char *command, dns_view_t **viewp,
if (obj != NULL) {
(void)putstr(text, "'in-view' zones not supported by ");
(void)putstr(text, bn);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
(void)cfg_map_get(zoptions, "template", &obj);
if (obj == NULL) {
(void)putstr(text, "no zone type or "
"template specified");
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
}
@ -12686,7 +12686,7 @@ newzone_parse(named_server_t *server, char *command, dns_view_t **viewp,
(void)putstr(text, cfg_obj_asstring(obj));
(void)putstr(text, "' zones not supported by ");
(void)putstr(text, bn);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
if (strcasecmp(cfg_obj_asstring(obj), "redirect") == 0) {
@ -12748,7 +12748,7 @@ delete_zoneconf(dns_view_t *view, const cfg_obj_t *config,
cfg_map_get(config, "zone", &zl);
if (!cfg_obj_islist(zl)) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
cfg_list_t *list = UNCONST(&zl->value.list);
@ -12848,7 +12848,7 @@ do_addzone(named_server_t *server, dns_view_t *view, dns_name_t *name,
TCHECK(putstr(text, "unable to open NZD database for '"));
TCHECK(putstr(text, view->newzone.db));
TCHECK(putstr(text, "'"));
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
#endif /* HAVE_LMDB */
@ -12884,7 +12884,7 @@ do_addzone(named_server_t *server, dns_view_t *view, dns_name_t *name,
/* Is it there yet? */
if (redirect) {
if (view->redirect == NULL) {
CHECK(ISC_R_NOTFOUND);
CLEANUP(ISC_R_NOTFOUND);
}
dns_zone_attach(view->redirect, &zone);
} else {
@ -13080,7 +13080,7 @@ do_modzone(named_server_t *server, dns_view_t *view, dns_name_t *name,
/* Is it there yet? */
if (redirect) {
if (view->redirect == NULL) {
CHECK(ISC_R_NOTFOUND);
CLEANUP(ISC_R_NOTFOUND);
}
dns_zone_attach(view->redirect, &zone);
} else {
@ -13246,7 +13246,7 @@ named_server_changezone(named_server_t *server, char *command,
(void)putstr(text, "Not allowing new zones in view '");
(void)putstr(text, view->name);
(void)putstr(text, "'");
CHECK(ISC_R_NOPERM);
CLEANUP(ISC_R_NOPERM);
}
zonename = cfg_obj_asstring(cfg_tuple_get(zoneobj, "name"));
@ -13260,7 +13260,7 @@ named_server_changezone(named_server_t *server, char *command,
if (!dns_name_equal(dnsname, dns_rootname)) {
(void)putstr(text, "redirect zones must be called "
"\".\"");
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
}
@ -13509,7 +13509,7 @@ named_server_delzone(named_server_t *server, isc_lex_t *lex,
CHECK(zone_from_args(server, lex, ptr, &zone, zonename, text, false));
if (zone == NULL) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
INSIST(zonename != NULL);
@ -13520,7 +13520,7 @@ named_server_delzone(named_server_t *server, isc_lex_t *lex,
TCHECK(putstr(text, zonename));
TCHECK(putstr(text,
"' cannot be deleted: response-policy zone."));
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
view = dns_zone_getview(zone);
@ -13627,14 +13627,14 @@ named_server_showzone(named_server_t *server, isc_lex_t *lex,
/* Parse parameters */
CHECK(zone_from_args(server, lex, NULL, &zone, zonename, text, true));
if (zone == NULL) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
zconfig = dns_zone_getcfg(zone);
dns_zone_detach(&zone);
if (zconfig == NULL) {
CHECK(ISC_R_NOTFOUND);
CLEANUP(ISC_R_NOTFOUND);
}
CHECK(putstr(text, "zone "));
@ -13823,12 +13823,12 @@ named_server_signing(named_server_t *server, isc_lex_t *lex,
CHECK(isc_parse_uint32(&serial, ptr, 10));
setserial = true;
} else {
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
}
CHECK(zone_from_args(server, lex, NULL, &zone, NULL, text, false));
if (zone == NULL) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
if (dns_zone_getkasp(zone) != NULL) {
@ -13990,7 +13990,7 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex,
} else if (strcasecmp(ptr, "-step") == 0) {
forcestep = true;
} else {
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
}
if (status) {
@ -14018,13 +14018,13 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex,
ptr = next_token(lex, text);
if (ptr == NULL) {
msg = "Bad format";
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
} else if (argcheck(ptr, "alg")) {
isc_consttextregion_t alg;
ptr = next_token(lex, text);
if (ptr == NULL) {
msg = "No key algorithm specified";
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
alg.base = ptr;
alg.length = strlen(alg.base);
@ -14032,7 +14032,7 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex,
&algorithm, (isc_textregion_t *)&alg);
if (result != ISC_R_SUCCESS) {
msg = "Bad algorithm";
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
}
continue;
} else if (argcheck(ptr, "key")) {
@ -14040,7 +14040,7 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex,
ptr = next_token(lex, text);
if (ptr == NULL) {
msg = "No key identifier specified";
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
CHECK(isc_parse_uint16(&id, ptr, 10));
keyid = (dns_keytag_t)id;
@ -14051,14 +14051,14 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex,
ptr = next_token(lex, text);
if (ptr == NULL) {
msg = "No time specified";
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
CHECK(dns_time32_fromtext(ptr, &tw));
when = (isc_stdtime_t)tw;
continue;
} else if (ptr[0] == '-') {
msg = "Unknown option";
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
} else if (checkds) {
/*
* No arguments provided, so we must be
@ -14067,7 +14067,7 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex,
if (strcasecmp(ptr, "published") == 0) {
dspublish = true;
} else if (strcasecmp(ptr, "withdrawn") != 0) {
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
}
} else if (rollover) {
/*
@ -14081,12 +14081,12 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex,
if (rollover && !use_keyid) {
msg = "Key id is required when scheduling rollover";
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
}
if (algorithm > 0 && !use_keyid) {
msg = "Key id is required when setting algorithm";
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
}
}
@ -14094,14 +14094,14 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex,
CHECK(zone_from_args(server, lex, zonetext, &zone, NULL, text, false));
if (zone == NULL) {
msg = "Zone not found";
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
/* Trailing garbage? */
ptr = next_token(lex, text);
if (ptr != NULL) {
msg = "Too many arguments";
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
}
/* Get dnssec-policy. */
@ -14338,7 +14338,7 @@ named_server_zonestatus(named_server_t *server, isc_lex_t *lex,
CHECK(zone_from_args(server, lex, NULL, &zone, zonename, text, true));
if (zone == NULL) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
/* Inline signing? */
@ -14620,7 +14620,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly,
ptr = next_token(lex, text);
if (ptr == NULL) {
msg = "No lifetime specified";
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
tr.base = ptr;
@ -14633,7 +14633,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly,
if (ntattl > 604800) {
msg = "NTA lifetime cannot exceed one week";
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
ttlset = true;
@ -14644,7 +14644,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly,
ptr = next_token(lex, text);
if (ptr == NULL) {
msg = "No class specified";
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
tr.base = ptr;
@ -14653,7 +14653,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly,
continue;
} else if (ptr[0] == '-') {
msg = "Unknown option";
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
} else {
nametext = ptr;
}
@ -14694,7 +14694,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly,
NAMED_LOGMODULE_CONTROL, ISC_LOG_INFO,
"rejecting restricted control channel "
"NTA command");
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
/* Get the NTA name if not found above. */
@ -14726,7 +14726,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly,
}
if (next_token(lex, text) != NULL) {
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
}
now = isc_stdtime_now();
@ -14917,7 +14917,7 @@ mkey_destroy(dns_view_t *view, isc_buffer_t *text) {
bool removed_a_file = false;
if (view->managed_keys == NULL) {
CHECK(ISC_R_NOTFOUND);
CLEANUP(ISC_R_NOTFOUND);
}
snprintf(msg, sizeof(msg), "destroying managed-keys database for '%s'",
@ -14960,7 +14960,7 @@ mkey_destroy(dns_view_t *view, isc_buffer_t *text) {
if (!removed_a_file) {
CHECK(putstr(text, "error: no files could be removed"));
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
dns_zone_detach(&mkzone);
@ -15147,7 +15147,7 @@ named_server_mkeys(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) {
} else {
snprintf(msg, sizeof(msg), "unknown command '%s'", cmd);
(void)putstr(text, msg);
CHECK(ISC_R_UNEXPECTED);
CLEANUP(ISC_R_UNEXPECTED);
}
/* Look for the optional class name. */
@ -15315,10 +15315,10 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) {
CHECK(isc_parse_uint32(&initial, ptr, 10));
initial *= 100;
if (initial > MAX_INITIAL_TIMEOUT) {
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
if (initial < MIN_INITIAL_TIMEOUT) {
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
ptr = next_token(lex, text);
@ -15328,10 +15328,10 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) {
CHECK(isc_parse_uint32(&idle, ptr, 10));
idle *= 100;
if (idle > MAX_IDLE_TIMEOUT) {
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
if (idle < MIN_IDLE_TIMEOUT) {
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
ptr = next_token(lex, text);
@ -15341,10 +15341,10 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) {
CHECK(isc_parse_uint32(&keepalive, ptr, 10));
keepalive *= 100;
if (keepalive > MAX_KEEPALIVE_TIMEOUT) {
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
if (keepalive < MIN_KEEPALIVE_TIMEOUT) {
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
ptr = next_token(lex, text);
@ -15354,7 +15354,7 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) {
CHECK(isc_parse_uint32(&advertised, ptr, 10));
advertised *= 100;
if (advertised > MAX_ADVERTISED_TIMEOUT) {
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
ptr = next_token(lex, text);
@ -15364,10 +15364,10 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) {
CHECK(isc_parse_uint32(&primaries, ptr, 10));
primaries *= 100;
if (primaries > MAX_PRIMARIES_TIMEOUT) {
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
if (primaries < MIN_PRIMARIES_TIMEOUT) {
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
isc_nm_setinitialtimeout(initial);
@ -15608,7 +15608,7 @@ named_server_fetchlimit(named_server_t *server, isc_lex_t *lex,
s = snprintf(tbuf, sizeof(tbuf),
" (fetches-per-server %u):", val);
if (s < 0 || (unsigned int)s > sizeof(tbuf)) {
CHECK(ISC_R_NOSPACE);
CLEANUP(ISC_R_NOSPACE);
}
first = false;
CHECK(putstr(text, tbuf));
@ -15624,7 +15624,7 @@ named_server_fetchlimit(named_server_t *server, isc_lex_t *lex,
s = snprintf(tbuf, sizeof(tbuf),
" (fetches-per-zone %u):", val);
if (s < 0 || (unsigned int)s > sizeof(tbuf)) {
CHECK(ISC_R_NOSPACE);
CLEANUP(ISC_R_NOSPACE);
}
CHECK(putstr(text, tbuf));
used = isc_buffer_usedlength(text);
@ -15666,7 +15666,7 @@ named_server_skr(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) {
}
if (strcasecmp(ptr, "-import") != 0) {
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
}
ptr = next_token(lex, NULL);
@ -15677,7 +15677,7 @@ named_server_skr(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) {
CHECK(zone_from_args(server, lex, NULL, &zone, NULL, text, false));
if (zone == NULL) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
kasp = dns_zone_getkasp(zone);
if (kasp == NULL) {

8
bin/named/statschannel.c
View file

@ -2405,7 +2405,7 @@ zone_jsonrender(dns_zone_t *zone, void *arg) {
if (zonestats != NULL) {
json_object *counters = json_object_new_object();
if (counters == NULL) {
CHECK(ISC_R_NOMEMORY);
CLEANUP(ISC_R_NOMEMORY);
}
result = dump_stats(zonestats, isc_statsformat_json,
@ -2429,7 +2429,7 @@ zone_jsonrender(dns_zone_t *zone, void *arg) {
if (gluecachestats != NULL) {
json_object *counters = json_object_new_object();
if (counters == NULL) {
CHECK(ISC_R_NOMEMORY);
CLEANUP(ISC_R_NOMEMORY);
}
result = dump_stats(
@ -2582,7 +2582,7 @@ xfrin_jsonrender(dns_zone_t *zone, void *arg) {
}
if (xfrinobj == NULL) {
CHECK(ISC_R_NOMEMORY);
CLEANUP(ISC_R_NOMEMORY);
}
result = dns_zone_getxfr(zone, &xfr, &is_firstrefresh, &is_running,
@ -3650,7 +3650,7 @@ add_listener(named_server_t *server, named_statschannel_t **listenerp,
if ((pf == AF_INET && isc_net_probeipv4() != ISC_R_SUCCESS) ||
(pf == AF_INET6 && isc_net_probeipv6() != ISC_R_SUCCESS))
{
CHECK(ISC_R_FAMILYNOSUPPORT);
CLEANUP(ISC_R_FAMILYNOSUPPORT);
}
CHECK(isc_httpdmgr_create(server->mctx, addr, client_ok,

2
bin/named/transportconf.c
View file

@ -147,7 +147,7 @@ add_tls_transports(const cfg_obj_t *transportlist, dns_transport_list_t *list) {
tlsid = cfg_obj_asstring(cfg_map_getname(tls));
if (!strcmp(tlsid, "ephemeral")) {
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
create_name(tlsid, tlsname);

2
bin/named/tsigconf.c
View file

@ -81,7 +81,7 @@ add_initial_keys(const cfg_obj_t *list, dns_tsigkeyring_t *ring,
"key '%s': has a "
"unsupported algorithm '%s'",
keyid, algstr);
CHECK(DNS_R_BADALG);
CLEANUP(DNS_R_BADALG);
}
secretstr = cfg_obj_asstring(secretobj);

4
bin/named/zoneconf.c
View file

@ -364,7 +364,7 @@ configure_zone_ssutable(const cfg_obj_t *zconfig, const cfg_obj_t *tconfig,
"failed to enable auto DDNS policy "
"for zone %s: session key not found",
zname);
CHECK(ISC_R_NOTFOUND);
CLEANUP(ISC_R_NOTFOUND);
}
dns_ssutable_addrule(
@ -600,7 +600,7 @@ configure_staticstub(const cfg_obj_t *zconfig, const cfg_obj_t *tconfig,
"No NS record is configured for a "
"static-stub zone '%s'",
zname);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
/*

2
bin/tests/system/dyndb/driver/instance.c
View file

@ -78,7 +78,7 @@ parse_params(isc_mem_t *mctx, int argc, char **argv, dns_name_t *z1,
if (argc != 2) {
log_error("exactly two parameters "
"(absolute zone names) are required");
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
result = dns_name_fromstring(z1, argv[0], dns_rootname, 0, mctx);
if (result != ISC_R_SUCCESS) {

7
bin/tests/system/dyndb/driver/zone.c
View file

@ -139,8 +139,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) {
/* Zone has a view set -> view should contain the same zone. */
if (zone_in_view == zone) {
/* Zone is already published in the right view. */
result = ISC_R_SUCCESS;
goto cleanup;
CLEANUP(ISC_R_SUCCESS);
} else if (view_in_zone != inst->view) {
/*
* Un-published inactive zone will have
@ -150,7 +149,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) {
dns_zone_log(zone, ISC_LOG_ERROR,
"zone->view doesn't "
"match data in the view");
CHECK(ISC_R_UNEXPECTED);
CLEANUP(ISC_R_UNEXPECTED);
}
}
@ -158,7 +157,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) {
dns_zone_log(zone, ISC_LOG_ERROR,
"cannot publish zone: view already "
"contains another zone with this name");
CHECK(ISC_R_UNEXPECTED);
CLEANUP(ISC_R_UNEXPECTED);
}
if (inst->view->frozen) {

12
lib/dns/catz.c
View file

@ -1208,14 +1208,14 @@ catz_process_coo(dns_catz_zone_t *catz, dns_label_t *mhash,
RETERR(dns_rdata_tostruct(&rdata, &ptr, NULL));
if (dns_name_countlabels(&ptr.ptr) == 0) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
CHECK(isc_ht_find(catz->entries, mhash->base, mhash->length,
(void **)&entry));
if (dns_name_countlabels(&entry->name) == 0) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
catz_coo_add(catz, entry, &ptr.ptr);
@ -1315,10 +1315,10 @@ catz_process_version(dns_catz_zone_t *catz, dns_rdataset_t *value) {
result = dns_rdata_txt_next(&rdatatxt);
if (result != ISC_R_NOMORE) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
if (rdatastr.length > 15) {
CHECK(ISC_R_BADNUMBER);
CLEANUP(ISC_R_BADNUMBER);
}
memmove(t, rdatastr.data, rdatastr.length);
t[rdatastr.length] = 0;
@ -1946,7 +1946,7 @@ dns_catz_generate_zonecfg(dns_catz_zone_t *catz, dns_catz_entry_t *entry,
"catz: zone '%s' uses an invalid primary "
"(no IP address assigned)",
zname);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
isc_netaddr_fromsockaddr(&netaddr,
&entry->opts.masters.addrs[i]);
@ -2074,7 +2074,7 @@ dns_catz_dbupdate_callback(dns_db_t *db, void *fn_arg) {
LOCK(&catzs->lock);
if (catzs->zones == NULL) {
CHECK(ISC_R_SHUTTINGDOWN);
CLEANUP(ISC_R_SHUTTINGDOWN);
}
CHECK(isc_ht_find(catzs->zones, r.base, r.length, (void **)&catz));

2
lib/dns/dlz.c
View file

@ -417,7 +417,7 @@ dns_dlz_writeablezone(dns_view_t *view, dns_dlzdb_t *dlzdb,
result = dns_view_findzone(view, origin, DNS_ZTFIND_EXACT, &dupzone);
if (result == ISC_R_SUCCESS) {
dns_zone_detach(&dupzone);
CHECK(ISC_R_EXISTS);
CLEANUP(ISC_R_EXISTS);
}
INSIST(dupzone == NULL);

10
lib/dns/dnssec.c
View file

@ -885,12 +885,12 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg,
signeedsfree = true;
if (sig.labels != 0) {
CHECK(DNS_R_SIGINVALID);
CLEANUP(DNS_R_SIGINVALID);
}
if (isc_serial_lt(sig.timeexpire, sig.timesigned)) {
msg->sig0status = dns_tsigerror_badtime;
CHECK(DNS_R_SIGINVALID);
CLEANUP(DNS_R_SIGINVALID);
}
if (msg->fuzzing) {
@ -901,15 +901,15 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg,
if (isc_serial_lt((uint32_t)now, sig.timesigned)) {
msg->sig0status = dns_tsigerror_badtime;
CHECK(DNS_R_SIGFUTURE);
CLEANUP(DNS_R_SIGFUTURE);
} else if (isc_serial_lt(sig.timeexpire, (uint32_t)now)) {
msg->sig0status = dns_tsigerror_badtime;
CHECK(DNS_R_SIGEXPIRED);
CLEANUP(DNS_R_SIGEXPIRED);
}
if (!dns_name_equal(dst_key_name(key), &sig.signer)) {
msg->sig0status = dns_tsigerror_badkey;
CHECK(DNS_R_SIGINVALID);
CLEANUP(DNS_R_SIGINVALID);
}
CHECK(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false,

34
lib/dns/dnstap.c
View file

@ -164,13 +164,13 @@ dns_dt_create(isc_mem_t *mctx, dns_dtmode_t mode, const char *path,
fwopt = fstrm_writer_options_init();
if (fwopt == NULL) {
CHECK(ISC_R_NOMEMORY);
CLEANUP(ISC_R_NOMEMORY);
}
res = fstrm_writer_options_add_content_type(
fwopt, DNSTAP_CONTENT_TYPE, sizeof(DNSTAP_CONTENT_TYPE) - 1);
if (res != fstrm_res_success) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
if (mode == dns_dtmode_file) {
@ -187,11 +187,11 @@ dns_dt_create(isc_mem_t *mctx, dns_dtmode_t mode, const char *path,
fw = fstrm_unix_writer_init(fuwopt, fwopt);
}
} else {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
if (fw == NULL) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
env->iothr = fstrm_iothr_init(*foptp, &fw);
@ -200,7 +200,7 @@ dns_dt_create(isc_mem_t *mctx, dns_dtmode_t mode, const char *path,
ISC_LOG_WARNING,
"unable to initialize dnstap I/O thread");
fstrm_writer_destroy(&fw);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
env->mode = mode;
env->max_size = 0;
@ -281,13 +281,13 @@ dns_dt_reopen(dns_dtenv_t *env, int roll) {
*/
fwopt = fstrm_writer_options_init();
if (fwopt == NULL) {
CHECK(ISC_R_NOMEMORY);
CLEANUP(ISC_R_NOMEMORY);
}
res = fstrm_writer_options_add_content_type(
fwopt, DNSTAP_CONTENT_TYPE, sizeof(DNSTAP_CONTENT_TYPE) - 1);
if (res != fstrm_res_success) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
if (env->mode == dns_dtmode_file) {
@ -304,11 +304,11 @@ dns_dt_reopen(dns_dtenv_t *env, int roll) {
fw = fstrm_unix_writer_init(fuwopt, fwopt);
}
} else {
CHECK(ISC_R_NOTIMPLEMENTED);
CLEANUP(ISC_R_NOTIMPLEMENTED);
}
if (fw == NULL) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
/*
@ -350,7 +350,7 @@ dns_dt_reopen(dns_dtenv_t *env, int roll) {
isc_log_write(DNS_LOGCATEGORY_DNSTAP, DNS_LOGMODULE_DNSTAP,
ISC_LOG_WARNING,
"unable to initialize dnstap I/O thread");
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
cleanup:
@ -938,23 +938,23 @@ dns_dt_open(const char *filename, dns_dtmode_t mode, isc_mem_t *mctx,
case dns_dtmode_file:
fopt = fstrm_file_options_init();
if (fopt == NULL) {
CHECK(ISC_R_NOMEMORY);
CLEANUP(ISC_R_NOMEMORY);
}
fstrm_file_options_set_file_path(fopt, filename);
handle->reader = fstrm_file_reader_init(fopt, NULL);
if (handle->reader == NULL) {
CHECK(ISC_R_NOMEMORY);
CLEANUP(ISC_R_NOMEMORY);
}
res = fstrm_reader_open(handle->reader);
if (res != fstrm_res_success) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
if (!dnstap_file(handle->reader)) {
CHECK(DNS_R_BADDNSTAP);
CLEANUP(DNS_R_BADDNSTAP);
}
break;
case dns_dtmode_unix:
@ -1043,13 +1043,13 @@ dns_dt_parse(isc_mem_t *mctx, isc_region_t *src, dns_dtdata_t **destp) {
d->frame = dnstap__dnstap__unpack(NULL, src->length, src->base);
if (d->frame == NULL) {
CHECK(ISC_R_NOMEMORY);
CLEANUP(ISC_R_NOMEMORY);
}
frame = (Dnstap__Dnstap *)d->frame;
if (frame->type != DNSTAP__DNSTAP__TYPE__MESSAGE) {
CHECK(DNS_R_BADDNSTAP);
CLEANUP(DNS_R_BADDNSTAP);
}
m = frame->message;
@ -1099,7 +1099,7 @@ dns_dt_parse(isc_mem_t *mctx, isc_region_t *src, dns_dtdata_t **destp) {
d->type = DNS_DTTYPE_UR;
break;
default:
CHECK(DNS_R_BADDNSTAP);
CLEANUP(DNS_R_BADDNSTAP);
}
/* Query? */

8
lib/dns/dst_api.c
View file

@ -88,7 +88,7 @@
CHECK(result); \
} while ((*token).type != isc_tokentype_eol)
#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN)
#define BADTOKEN() CLEANUP(ISC_R_UNEXPECTEDTOKEN)
static const char *numerictags[DST_MAX_NUMERIC] = {
[DST_NUM_PREDECESSOR] = "Predecessor:",
@ -480,7 +480,7 @@ dst_key_fromfile(dns_name_t *name, dns_keytag_t id, unsigned int alg, int type,
if (!dns_name_equal(name, key->key_name) || id != key->key_id ||
alg != key->key_alg)
{
CHECK(DST_R_INVALIDPRIVATEKEY);
CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
*keyp = key;
@ -569,7 +569,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type,
pubkey->key_ttl, mctx);
if (key->func->parse == NULL) {
CHECK(DST_R_UNSUPPORTEDALG);
CLEANUP(DST_R_UNSUPPORTEDALG);
}
newfilenamelen = strlen(filename) + 9;
@ -603,7 +603,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type,
CHECK(computeid(key));
if (pubkey->key_id != key->key_id) {
CHECK(DST_R_INVALIDPRIVATEKEY);
CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
key->modified = false;

6
lib/dns/dyndb.c
View file

@ -137,7 +137,7 @@ load_library(isc_mem_t *mctx, const char *filename, const char *instname,
"failed to dlopen() DynDB instance '%s' driver "
"'%s': %s",
instname, filename, errmsg);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
CHECK(load_symbol(&imp->handle, filename, "dyndb_version",
@ -151,7 +151,7 @@ load_library(isc_mem_t *mctx, const char *filename, const char *instname,
ISC_LOG_ERROR,
"driver API version mismatch: %d/%d", version,
DNS_DYNDB_VERSION);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
CHECK(load_symbol(&imp->handle, filename, "dyndb_init",
@ -207,7 +207,7 @@ dns_dyndb_load(const char *libname, const char *name, const char *parameters,
/* duplicate instance names are not allowed */
if (impfind(name) != NULL) {
CHECK(ISC_R_EXISTS);
CLEANUP(ISC_R_EXISTS);
}
CHECK(load_library(mctx, libname, name, &implementation));

6
lib/dns/gssapictx.c
View file

@ -314,7 +314,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken,
gret = gss_import_name(&minor, &gnamebuf, GSS_C_NO_OID, &gname);
if (gret != GSS_S_COMPLETE) {
gss_err_message(mctx, gret, minor, err_message);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
if (intoken != NULL) {
@ -345,7 +345,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken,
gss_log(3, "Failure initiating security context");
}
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
/*
@ -480,7 +480,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken,
gss_log(3, "failed gss_display_name: %s",
gss_error_tostring(gret, minor, buf,
sizeof(buf)));
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
/*

36
lib/dns/journal.c
View file

@ -610,14 +610,14 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create,
*/
result = isc_stdio_open(j->filename, "rb+", &fp);
} else {
CHECK(ISC_R_NOTFOUND);
CLEANUP(ISC_R_NOTFOUND);
}
}
if (result != ISC_R_SUCCESS) {
isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL,
ISC_LOG_ERROR, "%s: open: %s", j->filename,
isc_result_totext(result));
CHECK(ISC_R_UNEXPECTED);
CLEANUP(ISC_R_UNEXPECTED);
}
j->fp = fp;
@ -656,7 +656,7 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create,
isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL,
ISC_LOG_ERROR,
"%s: journal format not recognized", j->filename);
CHECK(ISC_R_UNEXPECTED);
CLEANUP(ISC_R_UNEXPECTED);
}
journal_header_decode(&rawheader, &j->header);
@ -1497,7 +1497,7 @@ dns_journal_rollforward(dns_journal_t *j, dns_db_t *db, unsigned int options) {
}
if (db_serial == end_serial) {
CHECK(DNS_R_UPTODATE);
CLEANUP(DNS_R_UPTODATE);
}
CHECK(dns_journal_iter_init(j, db_serial, end_serial, NULL));
@ -1527,7 +1527,7 @@ dns_journal_rollforward(dns_journal_t *j, dns_db_t *db, unsigned int options) {
"%s: journal file corrupt: missing "
"initial SOA",
j->filename);
CHECK(ISC_R_UNEXPECTED);
CLEANUP(ISC_R_UNEXPECTED);
}
if ((options & DNS_JOURNALOPT_RESIGN) != 0) {
op = (n_soa == 1) ? DNS_DIFFOP_DELRESIGN
@ -1673,7 +1673,7 @@ dns_journal_print(isc_mem_t *mctx, uint32_t flags, const char *filename,
"%s: journal file corrupt: missing "
"initial SOA",
j->filename);
CHECK(ISC_R_UNEXPECTED);
CLEANUP(ISC_R_UNEXPECTED);
}
if (print) {
@ -1859,7 +1859,7 @@ dns_journal_iter_init(dns_journal_t *j, uint32_t begin_serial,
if (xhdr.serial0 != pos.serial ||
isc_serial_le(xhdr.serial1, xhdr.serial0))
{
CHECK(ISC_R_UNEXPECTED);
CLEANUP(ISC_R_UNEXPECTED);
}
size += xhdr.size;
@ -1940,7 +1940,7 @@ read_one_rr(dns_journal_t *j) {
DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR,
"%s: journal corrupt: empty transaction",
j->filename);
CHECK(ISC_R_UNEXPECTED);
CLEANUP(ISC_R_UNEXPECTED);
}
if (j->header_ver1) {
@ -1957,7 +1957,7 @@ read_one_rr(dns_journal_t *j) {
"expected serial %u, got %u",
j->filename, j->it.current_serial,
xhdr.serial0);
CHECK(ISC_R_UNEXPECTED);
CLEANUP(ISC_R_UNEXPECTED);
}
j->it.xsize = xhdr.size;
@ -1980,7 +1980,7 @@ read_one_rr(dns_journal_t *j) {
"%s: journal corrupt: impossible RR size "
"(%d bytes)",
j->filename, rrhdr.size);
CHECK(ISC_R_UNEXPECTED);
CLEANUP(ISC_R_UNEXPECTED);
}
size_buffer(j->mctx, &j->it.source, rrhdr.size);
@ -2009,7 +2009,7 @@ read_one_rr(dns_journal_t *j) {
* Check that the RR header is there, and parse it.
*/
if (isc_buffer_remaininglength(&j->it.source) < 10) {
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
}
rdtype = isc_buffer_getuint16(&j->it.source);
@ -2023,14 +2023,14 @@ read_one_rr(dns_journal_t *j) {
"%s: journal corrupt: impossible rdlen "
"(%u bytes)",
j->filename, rdlen);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
/*
* Parse the rdata.
*/
if (isc_buffer_remaininglength(&j->it.source) != rdlen) {
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
}
isc_buffer_setactive(&j->it.source, rdlen);
dns_rdata_reset(&j->it.rdata);
@ -2581,7 +2581,7 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial,
"%s: journal file corrupt, "
"transaction too large",
j1->filename);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
buf = isc_mem_get(mctx, size);
result = journal_read(j1, buf, size);
@ -2616,13 +2616,13 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial,
"%s: journal file corrupt, "
"transaction too large",
j1->filename);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
buf = isc_mem_get(mctx, size);
CHECK(journal_read(j1, buf, size));
if (!check_delta(buf, size)) {
CHECK(ISC_R_UNEXPECTED);
CLEANUP(ISC_R_UNEXPECTED);
}
} else {
CHECK(result);
@ -2649,7 +2649,7 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial,
if (xhdr.serial0 != serial ||
isc_serial_le(xhdr.serial1, xhdr.serial0))
{
CHECK(ISC_R_UNEXPECTED);
CLEANUP(ISC_R_UNEXPECTED);
}
/*
@ -2750,7 +2750,7 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial,
(void)isc_file_remove(backup);
} else {
maperrno:
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
}

12
lib/dns/master.c
View file

@ -2389,7 +2389,7 @@ load_raw(dns_loadctx_t *lctx) {
sizeof(uint16_t) + sizeof(uint16_t) +
sizeof(uint32_t) + sizeof(uint32_t);
if (totallen < minlen) {
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
totallen -= sizeof(totallen);
@ -2424,14 +2424,14 @@ load_raw(dns_loadctx_t *lctx) {
dns_rdatalist_init(&rdatalist);
rdatalist.rdclass = isc_buffer_getuint16(&target);
if (lctx->zclass != rdatalist.rdclass) {
CHECK(DNS_R_BADCLASS);
CLEANUP(DNS_R_BADCLASS);
}
rdatalist.type = isc_buffer_getuint16(&target);
rdatalist.covers = isc_buffer_getuint16(&target);
rdatalist.ttl = isc_buffer_getuint32(&target);
rdcount = isc_buffer_getuint32(&target);
if (rdcount == 0 || rdcount > 0xffff) {
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
INSIST(isc_buffer_consumedlength(&target) <= readlen);
@ -2440,7 +2440,7 @@ load_raw(dns_loadctx_t *lctx) {
lctx->f, &totallen));
namelen = isc_buffer_getuint16(&target);
if (namelen > sizeof(namebuf)) {
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
CHECK(read_and_check(sequential_read, &target, namelen, lctx->f,
@ -2457,7 +2457,7 @@ load_raw(dns_loadctx_t *lctx) {
"TTL %d exceeds configured "
"max-zone-ttl %d",
rdatalist.ttl, lctx->maxttl);
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
/* Rdata contents. */
@ -2534,7 +2534,7 @@ load_raw(dns_loadctx_t *lctx) {
* or malformed data.
*/
if (isc_buffer_remaininglength(&target) != 0 || totallen != 0) {
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
ISC_LIST_APPEND(head, &rdatalist, link);

14
lib/dns/message.c
View file

@ -967,7 +967,7 @@ getquestions(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx,
*/
isc_buffer_remainingregion(source, &r);
if (r.length < 4) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
rdtype = isc_buffer_getuint16(source);
rdclass = isc_buffer_getuint16(source);
@ -1100,7 +1100,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx,
*/
isc_buffer_remainingregion(source, &r);
if (r.length < 2 + 2 + 4 + 2) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
rdtype = isc_buffer_getuint16(source);
rdclass = isc_buffer_getuint16(source);
@ -1209,7 +1209,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx,
rdatalen = isc_buffer_getuint16(source);
r.length -= (2 + 2 + 4 + 2);
if (r.length < rdatalen) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
/*
@ -1223,7 +1223,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx,
update(sectionid, rdclass))
{
if (rdatalen != 0) {
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
}
/*
* When the rdata is empty, the data pointer is
@ -1290,7 +1290,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx,
if (rdtype == dns_rdatatype_nsec3 &&
!dns_rdata_checkowner(name, msg->rdclass, rdtype, false))
{
CHECK(DNS_R_BADOWNERNAME);
CLEANUP(DNS_R_BADOWNERNAME);
}
/*
@ -3586,7 +3586,7 @@ render_zoneversion(dns_message_t *msg, isc_buffer_t *optbuf,
if (isc_buffer_availablelength(target) <
1)
{
CHECK(ISC_R_NOSPACE);
CLEANUP(ISC_R_NOSPACE);
}
isc_buffer_putmem(target, &data[i], 1);
} else {
@ -4830,7 +4830,7 @@ buildopt(dns_message_t *message, dns_rdataset_t **rdatasetp) {
}
if (len > 0xffffU) {
CHECK(ISC_R_NOSPACE);
CLEANUP(ISC_R_NOSPACE);
}
isc_buffer_allocate(message->mctx, &buf, len);

16
lib/dns/openssl_link.c
View file

@ -46,12 +46,6 @@
#include "openssl_shim.h"
#define DST_RET(a) \
{ \
result = a; \
goto cleanup; \
}
static isc_result_t
dst__openssl_fromlabel_provider(int key_base_id, const char *label,
const char *pin, EVP_PKEY **ppub,
@ -64,7 +58,7 @@ dst__openssl_fromlabel_provider(int key_base_id, const char *label,
ctx = OSSL_STORE_open(label, NULL, NULL, NULL, NULL);
if (!ctx) {
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
while (!OSSL_STORE_eof(ctx)) {
@ -76,23 +70,23 @@ dst__openssl_fromlabel_provider(int key_base_id, const char *label,
case OSSL_STORE_INFO_PKEY:
if (*ppriv != NULL) {
OSSL_STORE_INFO_free(info);
DST_RET(DST_R_INVALIDPRIVATEKEY);
CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
*ppriv = OSSL_STORE_INFO_get1_PKEY(info);
if (EVP_PKEY_get_base_id(*ppriv) != key_base_id) {
OSSL_STORE_INFO_free(info);
DST_RET(DST_R_BADKEYTYPE);
CLEANUP(DST_R_BADKEYTYPE);
}
break;
case OSSL_STORE_INFO_PUBKEY:
if (*ppub != NULL) {
OSSL_STORE_INFO_free(info);
DST_RET(DST_R_INVALIDPUBLICKEY);
CLEANUP(DST_R_INVALIDPUBLICKEY);
}
*ppub = OSSL_STORE_INFO_get1_PUBKEY(info);
if (EVP_PKEY_get_base_id(*ppub) != key_base_id) {
OSSL_STORE_INFO_free(info);
DST_RET(DST_R_BADKEYTYPE);
CLEANUP(DST_R_BADKEYTYPE);
}
break;
}

134
lib/dns/opensslecdsa_link.c
View file

@ -50,12 +50,6 @@
#define MAX_PRIVKEY_SIZE (MAX_PUBKEY_SIZE / 2)
#define DST_RET(a) \
{ \
result = a; \
goto cleanup; \
}
#if OPENSSL_VERSION_NUMBER >= 0x30200000L
static isc_result_t
opensslecdsa_set_deterministic(EVP_PKEY_CTX *pctx, unsigned int key_alg) {
@ -184,13 +178,13 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private,
bld = OSSL_PARAM_BLD_new();
if (bld == NULL) {
DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_new",
CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_new",
DST_R_OPENSSLFAILURE));
}
status = OSSL_PARAM_BLD_push_utf8_string(
bld, OSSL_PKEY_PARAM_GROUP_NAME, groupname, 0);
if (status != 1) {
DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_"
CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_"
"utf8_string",
DST_R_OPENSSLFAILURE));
}
@ -198,27 +192,27 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private,
if (private) {
group = EC_GROUP_new_by_curve_name(group_nid);
if (group == NULL) {
DST_RET(dst__openssl_toresult2("EC_GROUP_new_by_"
CLEANUP(dst__openssl_toresult2("EC_GROUP_new_by_"
"curve_name",
DST_R_OPENSSLFAILURE));
}
priv = BN_bin2bn(key, key_len, NULL);
if (priv == NULL) {
DST_RET(dst__openssl_toresult2("BN_bin2bn",
CLEANUP(dst__openssl_toresult2("BN_bin2bn",
DST_R_OPENSSLFAILURE));
}
status = OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
priv);
if (status != 1) {
DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
DST_R_OPENSSLFAILURE));
}
pubkey = opensslecdsa_generate_public_key(group, priv);
if (pubkey == NULL) {
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
key = buf;
@ -226,7 +220,7 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private,
POINT_CONVERSION_UNCOMPRESSED, buf,
sizeof(buf), NULL);
if (key_len == 0) {
DST_RET(dst__openssl_toresult2("EC_POINT_point2oct",
CLEANUP(dst__openssl_toresult2("EC_POINT_point2oct",
DST_R_OPENSSLFAILURE));
}
} else {
@ -240,32 +234,32 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private,
status = OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
key, key_len);
if (status != 1) {
DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_"
CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_"
"octet_string",
DST_R_OPENSSLFAILURE));
}
params = OSSL_PARAM_BLD_to_param(bld);
if (params == NULL) {
DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param",
CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param",
DST_R_OPENSSLFAILURE));
}
ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL);
if (ctx == NULL) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_fromdata_init(ctx);
if (status != 1) {
/* This will fail if the default provider is an engine.
* Return ISC_R_FAILURE to retry using the legacy API. */
DST_RET(dst__openssl_toresult(ISC_R_FAILURE));
CLEANUP(dst__openssl_toresult(ISC_R_FAILURE));
}
status = EVP_PKEY_fromdata(
ctx, pkey, private ? EVP_PKEY_KEYPAIR : EVP_PKEY_PUBLIC_KEY,
params);
if (status != 1 || *pkey == NULL) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_fromdata",
DST_R_OPENSSLFAILURE));
}
@ -320,7 +314,7 @@ opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private,
eckey = EC_KEY_new_by_curve_name(group_nid);
if (eckey == NULL) {
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (private) {
@ -328,18 +322,18 @@ opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private,
privkey = BN_bin2bn(key, key_len, NULL);
if (privkey == NULL) {
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (!EC_KEY_set_private_key(eckey, privkey)) {
DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY));
CLEANUP(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY));
}
pubkey = opensslecdsa_generate_public_key(group, privkey);
if (pubkey == NULL) {
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (EC_KEY_set_public_key(eckey, pubkey) != 1) {
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
} else {
const unsigned char *cp = buf;
@ -347,19 +341,19 @@ opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private,
buf[0] = POINT_CONVERSION_UNCOMPRESSED;
memmove(buf + 1, key, key_len);
if (o2i_ECPublicKey(&eckey, &cp, key_len + 1) == NULL) {
DST_RET(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY));
CLEANUP(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY));
}
if (EC_KEY_check_key(eckey) != 1) {
DST_RET(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY));
CLEANUP(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY));
}
}
pkey = EVP_PKEY_new();
if (pkey == NULL) {
DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY));
CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY));
}
if (!EVP_PKEY_set1_EC_KEY(pkey, eckey)) {
DST_RET(dst__openssl_toresult(ISC_R_FAILURE));
CLEANUP(dst__openssl_toresult(ISC_R_FAILURE));
}
*retkey = pkey;
@ -455,19 +449,19 @@ opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label,
ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", "provider=pkcs11");
if (ctx == NULL) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_keygen_init(ctx);
if (status != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_CTX_set_params(ctx, params);
if (status != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_params",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_params",
DST_R_OPENSSLFAILURE));
}
/*
@ -478,7 +472,7 @@ opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label,
*/
status = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, group_nid);
if (status != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_"
CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_"
"curve_nid",
DST_R_OPENSSLFAILURE));
}
@ -486,7 +480,7 @@ opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label,
/* Generate the key. */
status = EVP_PKEY_generate(ctx, retkey);
if (status != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_generate",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_generate",
DST_R_OPENSSLFAILURE));
}
@ -514,23 +508,23 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label,
/* Generate the key's parameters. */
ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL);
if (ctx == NULL) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_paramgen_init(ctx);
if (status != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_paramgen_init",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_paramgen_init",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, group_nid);
if (status != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_"
CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_"
"curve_nid",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_paramgen(ctx, &params_pkey);
if (status != 1 || params_pkey == NULL) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_paramgen",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_paramgen",
DST_R_OPENSSLFAILURE));
}
EVP_PKEY_CTX_free(ctx);
@ -538,18 +532,18 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label,
/* Generate the key. */
ctx = EVP_PKEY_CTX_new(params_pkey, NULL);
if (ctx == NULL) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_keygen_init(ctx);
if (status != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_keygen(ctx, retkey);
if (status != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen",
DST_R_OPENSSLFAILURE));
}
result = ISC_R_SUCCESS;
@ -605,21 +599,21 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label,
eckey = EC_KEY_new_by_curve_name(group_nid);
if (eckey == NULL) {
DST_RET(dst__openssl_toresult2("EC_KEY_new_by_curve_name",
CLEANUP(dst__openssl_toresult2("EC_KEY_new_by_curve_name",
DST_R_OPENSSLFAILURE));
}
if (EC_KEY_generate_key(eckey) != 1) {
DST_RET(dst__openssl_toresult2("EC_KEY_generate_key",
CLEANUP(dst__openssl_toresult2("EC_KEY_generate_key",
DST_R_OPENSSLFAILURE));
}
pkey = EVP_PKEY_new();
if (pkey == NULL) {
DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY));
CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY));
}
if (EVP_PKEY_set1_EC_KEY(pkey, eckey) != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_set1_EC_KEY",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_set1_EC_KEY",
DST_R_OPENSSLFAILURE));
}
*retkey = pkey;
@ -687,7 +681,7 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) {
evp_md_ctx = EVP_MD_CTX_create();
if (evp_md_ctx == NULL) {
DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY));
CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY));
}
if (dctx->key->key_alg == DST_ALG_ECDSA256) {
type = isc__crypto_sha256;
@ -700,7 +694,7 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) {
dctx->key->keydata.pkeypair.priv) != 1)
{
EVP_MD_CTX_destroy(evp_md_ctx);
DST_RET(dst__openssl_toresult3(dctx->category,
CLEANUP(dst__openssl_toresult3(dctx->category,
"EVP_DigestSignInit",
ISC_R_FAILURE));
}
@ -717,7 +711,7 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) {
dctx->key->keydata.pkeypair.pub) != 1)
{
EVP_MD_CTX_destroy(evp_md_ctx);
DST_RET(dst__openssl_toresult3(dctx->category,
CLEANUP(dst__openssl_toresult3(dctx->category,
"EVP_DigestVerifyInit",
ISC_R_FAILURE));
}
@ -754,7 +748,7 @@ opensslecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) {
if (EVP_DigestSignUpdate(evp_md_ctx, data->base,
data->length) != 1)
{
DST_RET(dst__openssl_toresult3(dctx->category,
CLEANUP(dst__openssl_toresult3(dctx->category,
"EVP_DigestSignUpdate",
ISC_R_FAILURE));
}
@ -762,7 +756,7 @@ opensslecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) {
if (EVP_DigestVerifyUpdate(evp_md_ctx, data->base,
data->length) != 1)
{
DST_RET(dst__openssl_toresult3(dctx->category,
CLEANUP(dst__openssl_toresult3(dctx->category,
"EVP_DigestVerifyUpdate",
ISC_R_FAILURE));
}
@ -795,25 +789,25 @@ opensslecdsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
isc_buffer_availableregion(sig, &region);
if (region.length < siglen) {
DST_RET(ISC_R_NOSPACE);
CLEANUP(ISC_R_NOSPACE);
}
if (EVP_DigestSignFinal(evp_md_ctx, NULL, &sigder_len) != 1) {
DST_RET(dst__openssl_toresult3(
CLEANUP(dst__openssl_toresult3(
dctx->category, "EVP_DigestSignFinal", ISC_R_FAILURE));
}
if (sigder_len == 0) {
DST_RET(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
sigder = isc_mem_get(dctx->mctx, sigder_len);
sigder_alloced = sigder_len;
if (EVP_DigestSignFinal(evp_md_ctx, sigder, &sigder_len) != 1) {
DST_RET(dst__openssl_toresult3(
CLEANUP(dst__openssl_toresult3(
dctx->category, "EVP_DigestSignFinal", ISC_R_FAILURE));
}
sigder_copy = sigder;
if (d2i_ECDSA_SIG(&ecdsasig, &sigder_copy, sigder_len) == NULL) {
DST_RET(dst__openssl_toresult3(dctx->category, "d2i_ECDSA_SIG",
CLEANUP(dst__openssl_toresult3(dctx->category, "d2i_ECDSA_SIG",
ISC_R_FAILURE));
}
@ -857,12 +851,12 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
}
if (sig->length != siglen) {
DST_RET(DST_R_VERIFYFAILURE);
CLEANUP(DST_R_VERIFYFAILURE);
}
ecdsasig = ECDSA_SIG_new();
if (ecdsasig == NULL) {
DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY));
CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY));
}
r = BN_bin2bn(cp, siglen / 2, NULL);
cp += siglen / 2;
@ -872,7 +866,7 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
status = i2d_ECDSA_SIG(ecdsasig, NULL);
if (status < 0) {
DST_RET(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG",
CLEANUP(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG",
DST_R_VERIFYFAILURE));
}
@ -883,7 +877,7 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
sigder_copy = sigder;
status = i2d_ECDSA_SIG(ecdsasig, &sigder_copy);
if (status < 0) {
DST_RET(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG",
CLEANUP(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG",
DST_R_VERIFYFAILURE));
}
@ -942,10 +936,10 @@ opensslecdsa_todns(const dst_key_t *key, isc_buffer_t *data) {
keysize = opensslecdsa_key_alg_to_publickey_size(key->key_alg);
isc_buffer_availableregion(data, &r);
if (r.length < keysize) {
DST_RET(ISC_R_NOSPACE);
CLEANUP(ISC_R_NOSPACE);
}
if (!opensslecdsa_extract_public_key(key, r.base, keysize)) {
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
isc_buffer_add(data, keysize);
@ -967,10 +961,10 @@ opensslecdsa_fromdns(dst_key_t *key, isc_buffer_t *data) {
isc_buffer_remainingregion(data, &r);
if (r.length == 0) {
DST_RET(ISC_R_SUCCESS);
CLEANUP(ISC_R_SUCCESS);
}
if (r.length != len) {
DST_RET(DST_R_INVALIDPUBLICKEY);
CLEANUP(DST_R_INVALIDPUBLICKEY);
}
CHECK(opensslecdsa_create_pkey(key->key_alg, false, r.base, len,
@ -994,16 +988,16 @@ opensslecdsa_tofile(const dst_key_t *key, const char *directory) {
unsigned short i;
if (key->keydata.pkeypair.pub == NULL) {
DST_RET(DST_R_NULLKEY);
CLEANUP(DST_R_NULLKEY);
}
if (key->external) {
priv.nelements = 0;
DST_RET(dst__privstruct_writefile(key, &priv, directory));
CLEANUP(dst__privstruct_writefile(key, &priv, directory));
}
if (key->keydata.pkeypair.priv == NULL) {
DST_RET(DST_R_NULLKEY);
CLEANUP(DST_R_NULLKEY);
}
keylen = opensslecdsa_key_alg_to_publickey_size(key->key_alg) / 2;
@ -1052,13 +1046,13 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
if (key->external) {
if (priv.nelements != 0 || pub == NULL) {
DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY));
CLEANUP(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY));
}
key->keydata.pkeypair.priv = pub->keydata.pkeypair.priv;
key->keydata.pkeypair.pub = pub->keydata.pkeypair.pub;
pub->keydata.pkeypair.priv = NULL;
pub->keydata.pkeypair.pub = NULL;
DST_RET(ISC_R_SUCCESS);
CLEANUP(ISC_R_SUCCESS);
}
for (i = 0; i < priv.nelements; i++) {
@ -1083,13 +1077,13 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub,
pub->keydata.pkeypair.pub) != 1)
{
DST_RET(DST_R_INVALIDPRIVATEKEY);
CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
DST_RET(ISC_R_SUCCESS);
CLEANUP(ISC_R_SUCCESS);
}
if (privkey_index < 0) {
DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY));
CLEANUP(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY));
}
CHECK(opensslecdsa_create_pkey(
@ -1098,7 +1092,7 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
/* Check that the public component matches if given */
if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) {
DST_RET(DST_R_INVALIDPRIVATEKEY);
CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
key->key_size = EVP_PKEY_bits(pkey);

42
lib/dns/openssleddsa_link.c
View file

@ -33,12 +33,6 @@
#include "dst_parse.h"
#include "openssl_shim.h"
#define DST_RET(a) \
{ \
result = a; \
goto cleanup; \
}
#ifndef NID_ED25519
#error "Ed25519 group is not known (NID_ED25519)"
#endif /* ifndef NID_ED25519 */
@ -184,19 +178,19 @@ openssleddsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
siglen = alginfo->sig_size;
isc_buffer_availableregion(sig, &sigreg);
if (sigreg.length < (unsigned int)siglen) {
DST_RET(ISC_R_NOSPACE);
CLEANUP(ISC_R_NOSPACE);
}
isc_buffer_usedregion(buf, &tbsreg);
if (EVP_DigestSignInit(ctx, NULL, NULL, NULL, pkey) != 1) {
DST_RET(dst__openssl_toresult3(
CLEANUP(dst__openssl_toresult3(
dctx->category, "EVP_DigestSignInit", ISC_R_FAILURE));
}
if (EVP_DigestSign(ctx, sigreg.base, &siglen, tbsreg.base,
tbsreg.length) != 1)
{
DST_RET(dst__openssl_toresult3(dctx->category, "EVP_DigestSign",
CLEANUP(dst__openssl_toresult3(dctx->category, "EVP_DigestSign",
DST_R_SIGNFAILURE));
}
isc_buffer_add(sig, (unsigned int)siglen);
@ -228,13 +222,13 @@ openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
}
if (sig->length != alginfo->sig_size) {
DST_RET(DST_R_VERIFYFAILURE);
CLEANUP(DST_R_VERIFYFAILURE);
}
isc_buffer_usedregion(buf, &tbsreg);
if (EVP_DigestVerifyInit(ctx, NULL, NULL, NULL, pkey) != 1) {
DST_RET(dst__openssl_toresult3(
CLEANUP(dst__openssl_toresult3(
dctx->category, "EVP_DigestVerifyInit", ISC_R_FAILURE));
}
@ -283,13 +277,13 @@ openssleddsa_generate(dst_key_t *key, int unused, void (*callback)(int)) {
status = EVP_PKEY_keygen_init(ctx);
if (status != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_keygen(ctx, &pkey);
if (status != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen",
DST_R_OPENSSLFAILURE));
}
@ -378,7 +372,7 @@ openssleddsa_tofile(const dst_key_t *key, const char *directory) {
if (EVP_PKEY_get_raw_private_key(key->keydata.pkeypair.priv,
buf, &len) != 1)
{
DST_RET(dst__openssl_toresult(ISC_R_FAILURE));
CLEANUP(dst__openssl_toresult(ISC_R_FAILURE));
}
priv.elements[i].tag = TAG_EDDSA_PRIVATEKEY;
priv.elements[i].length = len;
@ -421,16 +415,16 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
if (key->external) {
if (priv.nelements != 0) {
DST_RET(DST_R_INVALIDPRIVATEKEY);
CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
if (pub == NULL) {
DST_RET(DST_R_INVALIDPRIVATEKEY);
CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
key->keydata.pkeypair.priv = pub->keydata.pkeypair.priv;
key->keydata.pkeypair.pub = pub->keydata.pkeypair.pub;
pub->keydata.pkeypair.priv = NULL;
pub->keydata.pkeypair.pub = NULL;
DST_RET(ISC_R_SUCCESS);
CLEANUP(ISC_R_SUCCESS);
}
for (i = 0; i < priv.nelements; i++) {
@ -455,13 +449,13 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub,
pub->keydata.pkeypair.pub) != 1)
{
DST_RET(DST_R_INVALIDPRIVATEKEY);
CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
DST_RET(ISC_R_SUCCESS);
CLEANUP(ISC_R_SUCCESS);
}
if (privkey_index < 0) {
DST_RET(DST_R_INVALIDPRIVATEKEY);
CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
len = priv.elements[privkey_index].length;
@ -469,7 +463,7 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
&len, &pkey));
/* Check that the public component matches if given */
if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) {
DST_RET(DST_R_INVALIDPRIVATEKEY);
CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
key->keydata.pkeypair.priv = pkey;
@ -567,7 +561,7 @@ check_algorithm(unsigned char algorithm) {
size_t key_len, sig_len;
if (evp_md_ctx == NULL) {
DST_RET(ISC_R_NOMEMORY);
CLEANUP(ISC_R_NOMEMORY);
}
switch (algorithm) {
@ -588,7 +582,7 @@ check_algorithm(unsigned char algorithm) {
alginfo = openssleddsa_alg_info(algorithm);
break;
default:
DST_RET(ISC_R_NOTIMPLEMENTED);
CLEANUP(ISC_R_NOTIMPLEMENTED);
}
INSIST(alginfo != NULL);
@ -601,7 +595,7 @@ check_algorithm(unsigned char algorithm) {
EVP_DigestVerify(evp_md_ctx, sig, sig_len, test,
sizeof(test) - 1) != 1)
{
DST_RET(ISC_R_NOTIMPLEMENTED);
CLEANUP(ISC_R_NOTIMPLEMENTED);
}
cleanup:

126
lib/dns/opensslrsa_link.c
View file

@ -37,12 +37,6 @@
#include "dst_parse.h"
#include "openssl_shim.h"
#define DST_RET(a) \
{ \
result = a; \
goto cleanup; \
}
#define OPENSSLRSA_MAX_MODULUS_BITS 4096
typedef struct rsa_components {
@ -435,23 +429,23 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e,
rsa = RSA_new();
pkey = EVP_PKEY_new();
if (rsa == NULL || pkey == NULL) {
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (EVP_PKEY_set1_RSA(pkey, rsa) != 1) {
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (callback != NULL) {
cb = BN_GENCB_new();
if (cb == NULL) {
DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY));
CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY));
}
BN_GENCB_set(cb, progress_cb, (void *)callback);
}
if (RSA_generate_key_ex(rsa, key_size, e, cb) != 1) {
DST_RET(dst__openssl_toresult2("RSA_generate_key_ex",
CLEANUP(dst__openssl_toresult2("RSA_generate_key_ex",
DST_R_OPENSSLFAILURE));
}
*retkey = pkey;
@ -476,20 +470,20 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) {
if (c->n == NULL || c->e == NULL) {
if (private) {
DST_RET(DST_R_INVALIDPRIVATEKEY);
CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
DST_RET(DST_R_INVALIDPUBLICKEY);
CLEANUP(DST_R_INVALIDPUBLICKEY);
}
if (rsa == NULL) {
DST_RET(dst__openssl_toresult2("RSA_new",
CLEANUP(dst__openssl_toresult2("RSA_new",
DST_R_OPENSSLFAILURE));
}
if (RSA_set0_key(rsa, (BIGNUM *)c->n, (BIGNUM *)c->e, (BIGNUM *)c->d) !=
1)
{
DST_RET(dst__openssl_toresult2("RSA_set0_key",
CLEANUP(dst__openssl_toresult2("RSA_set0_key",
DST_R_OPENSSLFAILURE));
}
c->n = NULL;
@ -499,7 +493,7 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) {
if (c->p != NULL || c->q != NULL) {
if (RSA_set0_factors(rsa, (BIGNUM *)c->p, (BIGNUM *)c->q) != 1)
{
DST_RET(dst__openssl_toresult2("RSA_set0_factors",
CLEANUP(dst__openssl_toresult2("RSA_set0_factors",
DST_R_OPENSSLFAILURE));
}
c->p = NULL;
@ -511,7 +505,7 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) {
(BIGNUM *)c->dmq1,
(BIGNUM *)c->iqmp) == 0)
{
DST_RET(dst__openssl_toresult2("RSA_set0_crt_params",
CLEANUP(dst__openssl_toresult2("RSA_set0_crt_params",
DST_R_OPENSSLFAILURE));
}
c->dmp1 = NULL;
@ -521,12 +515,12 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) {
pkey = EVP_PKEY_new();
if (pkey == NULL) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_new",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_new",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_set1_RSA(pkey, rsa);
if (status != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_set1_RSA",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_set1_RSA",
DST_R_OPENSSLFAILURE));
}
@ -570,25 +564,25 @@ opensslrsa_generate_pkey_with_uri(size_t key_size, const char *label,
ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", "provider=pkcs11");
if (ctx == NULL) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_keygen_init(ctx);
if (status != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_CTX_set_params(ctx, params);
if (status != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_params",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_params",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_generate(ctx, retkey);
if (status != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_generate",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_generate",
DST_R_OPENSSLFAILURE));
}
@ -611,19 +605,19 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e,
ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL);
if (ctx == NULL) {
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (EVP_PKEY_keygen_init(ctx) != 1) {
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, (int)key_size) != 1) {
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (EVP_PKEY_CTX_set1_rsa_keygen_pubexp(ctx, e) != 1) {
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (callback != NULL) {
@ -632,7 +626,7 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e,
}
if (EVP_PKEY_keygen(ctx, retkey) != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen",
DST_R_OPENSSLFAILURE));
}
result = ISC_R_SUCCESS;
@ -651,69 +645,69 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) {
bld = OSSL_PARAM_BLD_new();
if (bld == NULL) {
DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_new",
CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_new",
DST_R_OPENSSLFAILURE));
}
if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, c->n) != 1 ||
OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, c->e) != 1)
{
DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
DST_R_OPENSSLFAILURE));
}
if (c->d != NULL &&
OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, c->d) != 1)
{
DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
DST_R_OPENSSLFAILURE));
}
if (c->p != NULL &&
OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_FACTOR1, c->p) != 1)
{
DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
DST_R_OPENSSLFAILURE));
}
if (c->q != NULL &&
OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_FACTOR2, c->q) != 1)
{
DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
DST_R_OPENSSLFAILURE));
}
if (c->dmp1 != NULL &&
OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_EXPONENT1,
c->dmp1) != 1)
{
DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
DST_R_OPENSSLFAILURE));
}
if (c->dmq1 != NULL &&
OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_EXPONENT2,
c->dmq1) != 1)
{
DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
DST_R_OPENSSLFAILURE));
}
if (c->iqmp != NULL &&
OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_COEFFICIENT1,
c->iqmp) != 1)
{
DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
DST_R_OPENSSLFAILURE));
}
params = OSSL_PARAM_BLD_to_param(bld);
if (params == NULL) {
DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param",
CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param",
DST_R_OPENSSLFAILURE));
}
ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL);
if (ctx == NULL) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_fromdata_init(ctx);
if (status != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata_init",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_fromdata_init",
DST_R_OPENSSLFAILURE));
}
@ -721,7 +715,7 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) {
ctx, retpkey, private ? EVP_PKEY_KEYPAIR : EVP_PKEY_PUBLIC_KEY,
params);
if (status != 1) {
DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata",
CLEANUP(dst__openssl_toresult2("EVP_PKEY_fromdata",
DST_R_OPENSSLFAILURE));
}
result = ISC_R_SUCCESS;
@ -743,7 +737,7 @@ opensslrsa_generate(dst_key_t *key, int unused, void (*callback)(int)) {
UNUSED(unused);
if (e == NULL) {
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
/*
@ -754,21 +748,21 @@ opensslrsa_generate(dst_key_t *key, int unused, void (*callback)(int)) {
case DST_ALG_NSEC3RSASHA1:
/* From RFC 3110 */
if (key->key_size > 4096) {
DST_RET(DST_R_INVALIDPARAM);
CLEANUP(DST_R_INVALIDPARAM);
}
break;
case DST_ALG_RSASHA256:
case DST_ALG_RSASHA256PRIVATEOID:
/* From RFC 5702 */
if (key->key_size < 512 || key->key_size > 4096) {
DST_RET(DST_R_INVALIDPARAM);
CLEANUP(DST_R_INVALIDPARAM);
}
break;
case DST_ALG_RSASHA512:
case DST_ALG_RSASHA512PRIVATEOID:
/* From RFC 5702 */
if (key->key_size < 1024 || key->key_size > 4096) {
DST_RET(DST_R_INVALIDPARAM);
CLEANUP(DST_R_INVALIDPARAM);
}
break;
default:
@ -811,14 +805,14 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) {
switch (key->key_alg) {
case DST_ALG_RSASHA256PRIVATEOID:
if (r.length < sizeof(oid_rsasha256)) {
DST_RET(ISC_R_NOSPACE);
CLEANUP(ISC_R_NOSPACE);
}
isc_buffer_putmem(data, oid_rsasha256, sizeof(oid_rsasha256));
isc_region_consume(&r, sizeof(oid_rsasha256));
break;
case DST_ALG_RSASHA512PRIVATEOID:
if (r.length < sizeof(oid_rsasha512)) {
DST_RET(ISC_R_NOSPACE);
CLEANUP(ISC_R_NOSPACE);
}
isc_buffer_putmem(data, oid_rsasha512, sizeof(oid_rsasha512));
isc_region_consume(&r, sizeof(oid_rsasha512));
@ -832,13 +826,13 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) {
if (e_bytes < 256) { /*%< key exponent is <= 2040 bits */
if (r.length < 1) {
DST_RET(ISC_R_NOSPACE);
CLEANUP(ISC_R_NOSPACE);
}
isc_buffer_putuint8(data, (uint8_t)e_bytes);
isc_region_consume(&r, 1);
} else {
if (r.length < 3) {
DST_RET(ISC_R_NOSPACE);
CLEANUP(ISC_R_NOSPACE);
}
isc_buffer_putuint8(data, 0);
isc_buffer_putuint16(data, (uint16_t)e_bytes);
@ -846,7 +840,7 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) {
}
if (r.length < e_bytes + mod_bytes) {
DST_RET(ISC_R_NOSPACE);
CLEANUP(ISC_R_NOSPACE);
}
BN_bn2bin(c.e, r.base);
@ -874,7 +868,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) {
isc_buffer_remainingregion(data, &r);
if (r.length == 0) {
DST_RET(ISC_R_SUCCESS);
CLEANUP(ISC_R_SUCCESS);
}
/*
@ -885,7 +879,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) {
if (r.length < sizeof(oid_rsasha256) ||
memcmp(r.base, oid_rsasha256, sizeof(oid_rsasha256)) != 0)
{
DST_RET(DST_R_INVALIDPUBLICKEY);
CLEANUP(DST_R_INVALIDPUBLICKEY);
}
isc_region_consume(&r, sizeof(oid_rsasha256));
isc_buffer_forward(data, sizeof(oid_rsasha256));
@ -894,7 +888,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) {
if (r.length < sizeof(oid_rsasha512) ||
memcmp(r.base, oid_rsasha512, sizeof(oid_rsasha512)) != 0)
{
DST_RET(DST_R_INVALIDPUBLICKEY);
CLEANUP(DST_R_INVALIDPUBLICKEY);
}
isc_region_consume(&r, sizeof(oid_rsasha512));
isc_buffer_forward(data, sizeof(oid_rsasha512));
@ -903,7 +897,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) {
length = r.length;
if (r.length < 1) {
DST_RET(DST_R_INVALIDPUBLICKEY);
CLEANUP(DST_R_INVALIDPUBLICKEY);
}
e_bytes = *r.base;
@ -911,7 +905,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) {
if (e_bytes == 0) {
if (r.length < 2) {
DST_RET(DST_R_INVALIDPUBLICKEY);
CLEANUP(DST_R_INVALIDPUBLICKEY);
}
e_bytes = (*r.base) << 8;
isc_region_consume(&r, 1);
@ -920,13 +914,13 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) {
}
if (r.length < e_bytes) {
DST_RET(DST_R_INVALIDPUBLICKEY);
CLEANUP(DST_R_INVALIDPUBLICKEY);
}
c.e = BN_bin2bn(r.base, e_bytes, NULL);
isc_region_consume(&r, e_bytes);
c.n = BN_bin2bn(r.base, r.length, NULL);
if (c.e == NULL || c.n == NULL) {
DST_RET(ISC_R_NOMEMORY);
CLEANUP(ISC_R_NOMEMORY);
}
isc_buffer_forward(data, length);
@ -1072,14 +1066,14 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
if (key->external) {
if (priv.nelements != 0 || pub == NULL) {
DST_RET(DST_R_INVALIDPRIVATEKEY);
CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
key->keydata.pkeypair.pub = pub->keydata.pkeypair.pub;
key->keydata.pkeypair.priv = pub->keydata.pkeypair.priv;
pub->keydata.pkeypair.pub = NULL;
pub->keydata.pkeypair.priv = NULL;
key->key_size = pub->key_size;
DST_RET(ISC_R_SUCCESS);
CLEANUP(ISC_R_SUCCESS);
}
for (i = 0; i < priv.nelements; i++) {
@ -1105,9 +1099,9 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub,
pub->keydata.pkeypair.pub) != 1)
{
DST_RET(DST_R_INVALIDPRIVATEKEY);
CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
DST_RET(ISC_R_SUCCESS);
CLEANUP(ISC_R_SUCCESS);
}
for (i = 0; i < priv.nelements; i++) {
@ -1121,7 +1115,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
bn = BN_bin2bn(priv.elements[i].data,
priv.elements[i].length, NULL);
if (bn == NULL) {
DST_RET(ISC_R_NOMEMORY);
CLEANUP(ISC_R_NOMEMORY);
}
switch (priv.elements[i].tag) {
case TAG_RSA_MODULUS:
@ -1156,10 +1150,10 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
/* Basic sanity check for public key portion */
if (c.n == NULL || c.e == NULL) {
DST_RET(DST_R_INVALIDPRIVATEKEY);
CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
if (BN_num_bits(c.e) > RSA_MAX_PUBEXP_BITS) {
DST_RET(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
key->key_size = BN_num_bits(c.n);
@ -1167,7 +1161,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
/* Check that the public component matches if given */
if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) {
DST_RET(DST_R_INVALIDPRIVATEKEY);
CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
key->keydata.pkeypair.pub = pkey;
@ -1196,7 +1190,7 @@ opensslrsa_fromlabel(dst_key_t *key, const char *label, const char *pin) {
&privpkey));
if (!opensslrsa_check_exponent_bits(pubpkey, RSA_MAX_PUBEXP_BITS)) {
DST_RET(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
key->label = isc_mem_strdup(key->mctx, label);
@ -1335,7 +1329,7 @@ check_algorithm(unsigned short algorithm) {
len = sizeof(sha512_sig) - 1;
break;
default:
DST_RET(ISC_R_NOTIMPLEMENTED);
CLEANUP(ISC_R_NOTIMPLEMENTED);
}
/*
@ -1354,7 +1348,7 @@ check_algorithm(unsigned short algorithm) {
EVP_DigestUpdate(evp_md_ctx, "test", 4) != 1 ||
EVP_VerifyFinal(evp_md_ctx, sig, len, pkey) != 1)
{
DST_RET(ISC_R_NOTIMPLEMENTED);
CLEANUP(ISC_R_NOTIMPLEMENTED);
}
cleanup:

2
lib/dns/private.c
View file

@ -306,7 +306,7 @@ dns_private_totext(dns_rdata_t *private, isc_buffer_t *buf) {
if (!dns_nsec3param_fromprivate(private, &rdata, nsec3buf,
sizeof(nsec3buf)))
{
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL));

2
lib/dns/rdata.c
View file

@ -1093,7 +1093,7 @@ unknown_fromtext(dns_rdataclass_t rdclass, dns_rdatatype_t type,
CHECK(isc_hex_tobuffer(lexer, buf,
(unsigned int)token.value.as_ulong));
if (isc_buffer_usedlength(buf) != token.value.as_ulong) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
}

14
lib/dns/rdataslab.c
View file

@ -514,7 +514,7 @@ dns_rdataslab_merge(dns_slabheader_t *oheader, dns_slabheader_t *nheader,
* than ncount, then we found such a duplicate.
*/
if (((flags & DNS_RDATASLAB_EXACT) != 0) && (tcount < ncount)) {
CHECK(DNS_R_NOTEXACT);
CLEANUP(DNS_R_NOTEXACT);
}
/*
@ -522,7 +522,7 @@ dns_rdataslab_merge(dns_slabheader_t *oheader, dns_slabheader_t *nheader,
* FORCE flag isn't set, we're done.
*/
if (tcount == 0 && (flags & DNS_RDATASLAB_FORCE) == 0) {
CHECK(DNS_R_UNCHANGED);
CLEANUP(DNS_R_UNCHANGED);
}
/* Add to tcount the total number of items from the old slab. */
@ -533,11 +533,11 @@ dns_rdataslab_merge(dns_slabheader_t *oheader, dns_slabheader_t *nheader,
/* Single types can't have more than one RR. */
if (tcount > 1 && dns_rdatatype_issingleton(type)) {
CHECK(DNS_R_SINGLETON);
CLEANUP(DNS_R_SINGLETON);
}
if (tcount > 0xffff) {
CHECK(ISC_R_NOSPACE);
CLEANUP(ISC_R_NOSPACE);
}
/* Allocate the target buffer and copy the new slab's header */
@ -673,7 +673,7 @@ dns_rdataslab_subtract(dns_slabheader_t *oheader, dns_slabheader_t *sheader,
* duplicates.)
*/
if ((flags & DNS_RDATASLAB_EXACT) != 0 && rcount != scount) {
CHECK(DNS_R_NOTEXACT);
CLEANUP(DNS_R_NOTEXACT);
}
/*
@ -681,14 +681,14 @@ dns_rdataslab_subtract(dns_slabheader_t *oheader, dns_slabheader_t *sheader,
* create a new buffer, just return.
*/
if (tcount == 0) {
CHECK(DNS_R_NXRRSET);
CLEANUP(DNS_R_NXRRSET);
}
/*
* If nothing is going to change, stop.
*/
if (rcount == 0) {
CHECK(DNS_R_UNCHANGED);
CLEANUP(DNS_R_UNCHANGED);
}
/*

2
lib/dns/request.c
View file

@ -686,7 +686,7 @@ req_render(dns_message_t *message, isc_buffer_t **bufferp, unsigned int options,
*/
isc_buffer_usedregion(buf1, &r);
if ((options & DNS_REQUESTOPT_TCP) == 0 && r.length > 512) {
CHECK(DNS_R_USETCP);
CLEANUP(DNS_R_USETCP);
}
isc_buffer_allocate(mctx, &buf2, r.length);
CHECK(isc_buffer_copyregion(buf2, &r));

4
lib/dns/resconf.c
View file

@ -217,7 +217,7 @@ add_server(isc_mem_t *mctx, const char *address_str,
address = isc_mem_get(mctx, sizeof(*address));
if (res->ai_addrlen > sizeof(address->type)) {
isc_mem_put(mctx, address, sizeof(*address));
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
if (res->ai_family == AF_INET) {
@ -237,7 +237,7 @@ add_server(isc_mem_t *mctx, const char *address_str,
isc_mem_put(mctx, address, sizeof(*address));
UNEXPECTED_ERROR("ai_family (%d) not INET nor INET6",
res->ai_family);
CHECK(ISC_R_UNEXPECTED);
CLEANUP(ISC_R_UNEXPECTED);
}
address->length = (unsigned int)res->ai_addrlen;

2
lib/dns/resolver.c
View file

@ -6987,7 +6987,7 @@ resume_dslookup(void *arg) {
* made. Interrupt the DS chasing process, returning SERVFAIL.
*/
if (dns_name_equal(fctx->nsname, fetch->private->domain)) {
CHECK(DNS_R_SERVFAIL);
CLEANUP(DNS_R_SERVFAIL);
}
/* Get nameservers from fetch before we destroy it. */

4
lib/dns/sdlz.c
View file

@ -982,7 +982,7 @@ modrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
buffer));
if (isc_buffer_usedlength(buffer) < 1) {
CHECK(ISC_R_BADADDRESSFORM);
CLEANUP(ISC_R_BADADDRESSFORM);
}
rdatastr = isc_buffer_base(buffer);
@ -1641,7 +1641,7 @@ dns_sdlz_putrr(dns_sdlzlookup_t *lookup, const char *type, dns_ttl_t ttl,
} while (result == ISC_R_NOSPACE);
if (result != ISC_R_SUCCESS) {
CHECK(DNS_R_SERVFAIL);
CLEANUP(DNS_R_SERVFAIL);
}
ISC_LIST_APPEND(rdatalist->rdata, rdata, link);

16
lib/dns/skr.c
View file

@ -29,7 +29,7 @@
#define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token))
#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN)
#define BADTOKEN() CLEANUP(ISC_R_UNEXPECTEDTOKEN)
#define TOKENSIZ (8 * 1024)
#define STR(t) ((t).value.as_textregion.base)
@ -58,7 +58,7 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin,
isc_buffer_add(&b, strlen(owner));
CHECK(dns_name_fromtext(dname, &b, dns_rootname, 0));
if (dns_name_compare(dname, origin) != 0) {
CHECK(DNS_R_BADOWNERNAME);
CLEANUP(DNS_R_BADOWNERNAME);
}
isc_buffer_clear(&b);
@ -248,7 +248,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin,
}
if (token.type != isc_tokentype_string) {
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
}
if (strcmp(STR(token), ";;") == 0) {
@ -257,7 +257,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin,
if (token.type != isc_tokentype_string ||
strcmp(STR(token), "SignedKeyResponse") != 0)
{
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
}
/* Version */
@ -265,20 +265,20 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin,
if (token.type != isc_tokentype_string ||
strcmp(STR(token), "1.0") != 0)
{
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
}
/* Date and time of bundle */
CHECK(isc_lex_gettoken(lex, opt, &token));
if (token.type != isc_tokentype_string) {
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
}
if (strcmp(STR(token), "generated") == 0) {
/* Final bundle */
goto readline;
}
if (token.type != isc_tokentype_string) {
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
}
/* Add previous bundle */
@ -340,7 +340,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin,
}
if (result != ISC_R_EOF) {
CHECK(DNS_R_SYNTAX);
CLEANUP(DNS_R_SYNTAX);
}
result = ISC_R_SUCCESS;

10
lib/dns/tkey.c
View file

@ -358,19 +358,19 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx,
if (result != ISC_R_SUCCESS) {
tkey_log("dns_tkey_processquery: couldn't find a TKEY "
"matching the question");
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
}
result = dns_rdataset_first(tkeyset);
if (result != ISC_R_SUCCESS) {
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
}
dns_rdataset_current(tkeyset, &rdata);
CHECK(dns_rdata_tostruct(&rdata, &tkeyin, NULL));
if (tkeyin.error != dns_rcode_noerror) {
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
}
/*
@ -386,7 +386,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx,
{
tkey_log("dns_tkey_processquery: query was not "
"properly signed - rejecting");
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
}
tkeyout = (dns_rdata_tkey_t){
@ -620,7 +620,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg,
{
tkey_log("dns_tkey_gssnegotiate: tkey mode invalid "
"or error set(4)");
CHECK(DNS_R_INVALIDTKEY);
CLEANUP(DNS_R_INVALIDTKEY);
}
isc_buffer_init(&intoken, rtkey.key, rtkey.keylen);

4
lib/dns/update.c
View file

@ -784,7 +784,7 @@ next_active(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db,
if (wraps == 2) {
update_log(log, zone, ISC_LOG_ERROR,
"secure zone with no NSECs");
CHECK(DNS_R_BADZONE);
CLEANUP(DNS_R_BADZONE);
}
}
CHECK(dns_dbiterator_current(dbit, &node, newname));
@ -1104,7 +1104,7 @@ add_sigs(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db,
/* Look up the signature in the SKR bundle */
dns_skrbundle_t *bundle = dns_zone_getskrbundle(zone);
if (bundle == NULL) {
CHECK(DNS_R_NOSKRBUNDLE);
CLEANUP(DNS_R_NOSKRBUNDLE);
}
CHECK(dns_skrbundle_getsig(bundle, keys[i], type,
&sig_rdata));

24
lib/dns/validator.c
View file

@ -445,7 +445,7 @@ fetch_callback_dnskey(void *arg) {
dns_resolver_destroyfetch(&val->fetch);
if (CANCELED(val) || CANCELING(val)) {
CHECK(ISC_R_CANCELED);
CLEANUP(ISC_R_CANCELED);
}
if (trustchain) {
@ -540,7 +540,7 @@ fetch_callback_ds(void *arg) {
dns_resolver_destroyfetch(&val->fetch);
if (CANCELED(val) || CANCELING(val)) {
CHECK(ISC_R_CANCELED);
CLEANUP(ISC_R_CANCELED);
}
if (trustchain) {
@ -648,7 +648,7 @@ validator_callback_dnskey(void *arg) {
val->subvalidator = NULL;
if (CANCELED(val) || CANCELING(val)) {
CHECK(ISC_R_CANCELED);
CLEANUP(ISC_R_CANCELED);
}
validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_dnskey");
@ -701,7 +701,7 @@ validator_callback_ds(void *arg) {
val->subvalidator = NULL;
if (CANCELED(val) || CANCELING(val)) {
CHECK(ISC_R_CANCELED);
CLEANUP(ISC_R_CANCELED);
}
validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_ds");
@ -765,7 +765,7 @@ validator_callback_cname(void *arg) {
val->subvalidator = NULL;
if (CANCELED(val) || CANCELING(val)) {
CHECK(ISC_R_CANCELED);
CLEANUP(ISC_R_CANCELED);
}
validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_cname");
@ -809,7 +809,7 @@ validator_callback_nsec(void *arg) {
val->subvalidator = NULL;
if (CANCELED(val) || CANCELING(val)) {
CHECK(ISC_R_CANCELED);
CLEANUP(ISC_R_CANCELED);
}
validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_nsec");
@ -1562,7 +1562,7 @@ validate_answer_iter_start(dns_validator_t *val) {
val->attributes &= ~VALATTR_OFFLOADED;
if (CANCELING(val)) {
validator_cancel_finish(val);
CHECK(ISC_R_CANCELED);
CLEANUP(ISC_R_CANCELED);
}
if (val->resume) {
@ -1593,7 +1593,7 @@ validate_answer_iter_next(void *arg) {
val->attributes &= ~VALATTR_OFFLOADED;
if (CANCELING(val)) {
validator_cancel_finish(val);
CHECK(ISC_R_CANCELED);
CLEANUP(ISC_R_CANCELED);
}
val->resume = false;
@ -1683,7 +1683,7 @@ validate_answer_process(void *arg) {
val->attributes &= ~VALATTR_OFFLOADED;
if (CANCELING(val)) {
validator_cancel_finish(val);
CHECK(ISC_R_CANCELED);
CLEANUP(ISC_R_CANCELED);
}
dns_rdata_reset(&val->rdata);
@ -2233,7 +2233,7 @@ validate_dnskey(void *arg) {
dns_rdata_ds_t ds;
if (CANCELED(val) || CANCELING(val)) {
CHECK(ISC_R_CANCELED);
CLEANUP(ISC_R_CANCELED);
}
/*
@ -2268,7 +2268,7 @@ validate_dnskey(void *arg) {
validator_log(val, ISC_LOG_DEBUG(3),
"no trusted root key");
}
CHECK(DNS_R_NOVALIDSIG);
CLEANUP(DNS_R_NOVALIDSIG);
}
/*
@ -3549,7 +3549,7 @@ validator_start(void *arg) {
isc_result_t result = ISC_R_FAILURE;
if (CANCELED(val) || CANCELING(val)) {
CHECK(ISC_R_CANCELED);
CLEANUP(ISC_R_CANCELED);
}
validator_log(val, ISC_LOG_DEBUG(3), "starting");

14
lib/dns/view.c
View file

@ -1071,7 +1071,7 @@ dns_view_findzonecut(dns_view_t *view, const dns_name_t *name,
try_hints = true;
goto finish;
} else {
CHECK(DNS_R_NXDOMAIN);
CLEANUP(DNS_R_NXDOMAIN);
}
} else if (result != ISC_R_SUCCESS) {
/*
@ -1835,7 +1835,7 @@ dns_view_loadnta(dns_view_t *view) {
if (token.type == isc_tokentype_eof) {
break;
} else if (token.type != isc_tokentype_string) {
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
name = TSTR(token);
len = TLEN(token);
@ -1854,7 +1854,7 @@ dns_view_loadnta(dns_view_t *view) {
CHECK(isc_lex_gettoken(lex, options, &token));
if (token.type != isc_tokentype_string) {
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
type = TSTR(token);
@ -1863,12 +1863,12 @@ dns_view_loadnta(dns_view_t *view) {
} else if (strcmp(type, "forced") == 0) {
forced = true;
} else {
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
CHECK(isc_lex_gettoken(lex, options, &token));
if (token.type != isc_tokentype_string) {
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
timestamp = TSTR(token);
CHECK(dns_time32_fromtext(timestamp, &t));
@ -1877,7 +1877,7 @@ dns_view_loadnta(dns_view_t *view) {
if (token.type != isc_tokentype_eol &&
token.type != isc_tokentype_eof)
{
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
if (now <= t) {
@ -2110,7 +2110,7 @@ dns_view_addtrustedkey(dns_view_t *view, dns_rdatatype_t rdtype,
REQUIRE(view->rdclass == dns_rdataclass_in);
if (rdtype != dns_rdatatype_dnskey && rdtype != dns_rdatatype_ds) {
CHECK(ISC_R_NOTIMPLEMENTED);
CLEANUP(ISC_R_NOTIMPLEMENTED);
}
isc_buffer_init(&b, rdatabuf, sizeof(rdatabuf));

42
lib/dns/xfrin.c
View file

@ -352,14 +352,14 @@ axfr_apply(void *arg) {
uint64_t records;
if (atomic_load(&xfr->shuttingdown)) {
CHECK(ISC_R_SHUTTINGDOWN);
CLEANUP(ISC_R_SHUTTINGDOWN);
}
CHECK(dns_diff_load(&xfr->diff, &xfr->axfr));
if (xfr->maxrecords != 0U) {
result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL);
if (result == ISC_R_SUCCESS && records > xfr->maxrecords) {
CHECK(DNS_R_TOOMANYRECORDS);
CLEANUP(DNS_R_TOOMANYRECORDS);
}
}
@ -522,7 +522,7 @@ ixfr_apply_one(dns_xfrin_t *xfr, ixfr_apply_data_t *data) {
if (xfr->maxrecords != 0U) {
result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL);
if (result == ISC_R_SUCCESS && records > xfr->maxrecords) {
CHECK(DNS_R_TOOMANYRECORDS);
CLEANUP(DNS_R_TOOMANYRECORDS);
}
}
if (xfr->ixfr.journal != NULL) {
@ -684,7 +684,7 @@ xfr_rr(dns_xfrin_t *xfr, dns_name_t *name, uint32_t ttl, dns_rdata_t *rdata) {
dns_rdatatype_format(rdata->type, buf, sizeof(buf));
xfrin_log(xfr, ISC_LOG_NOTICE,
"Unexpected %s record in zone transfer", buf);
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
}
/*
@ -699,7 +699,7 @@ xfr_rr(dns_xfrin_t *xfr, dns_name_t *name, uint32_t ttl, dns_rdata_t *rdata) {
dns_name_format(name, namebuf, sizeof(namebuf));
xfrin_log(xfr, ISC_LOG_DEBUG(3), "SOA name mismatch: '%s'",
namebuf);
CHECK(DNS_R_NOTZONETOP);
CLEANUP(DNS_R_NOTZONETOP);
}
redo:
@ -708,7 +708,7 @@ redo:
if (rdata->type != dns_rdatatype_soa) {
xfrin_log(xfr, ISC_LOG_NOTICE,
"non-SOA response to SOA query");
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
}
end_serial = dns_soa_getserial(rdata);
atomic_store_relaxed(&xfr->end_serial, end_serial);
@ -719,7 +719,7 @@ redo:
"requested serial %u, "
"primary has %" PRIuFAST32 ", not updating",
xfr->ixfr.request_serial, end_serial);
CHECK(DNS_R_UPTODATE);
CLEANUP(DNS_R_UPTODATE);
}
atomic_store(&xfr->state, XFRST_GOTSOA);
break;
@ -734,7 +734,7 @@ redo:
if (rdata->type != dns_rdatatype_soa) {
xfrin_log(xfr, ISC_LOG_NOTICE,
"first RR in zone transfer must be SOA");
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
}
/*
* Remember the serial number in the initial SOA.
@ -755,7 +755,7 @@ redo:
"requested serial %u, "
"primary has %" PRIuFAST32 ", not updating",
xfr->ixfr.request_serial, end_serial);
CHECK(DNS_R_UPTODATE);
CLEANUP(DNS_R_UPTODATE);
}
xfr->firstsoa = *rdata;
if (xfr->firstsoa_data != NULL) {
@ -823,7 +823,7 @@ redo:
"IXFR out of sync: "
"expected serial %u, got %u",
xfr->ixfr.current_serial, soa_serial);
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
} else {
CHECK(ixfr_commit(xfr));
atomic_store(&xfr->state, XFRST_IXFR_DELSOA);
@ -833,7 +833,7 @@ redo:
if (rdata->type == dns_rdatatype_ns &&
dns_name_iswildcard(name))
{
CHECK(DNS_R_INVALIDNS);
CLEANUP(DNS_R_INVALIDNS);
}
CHECK(ixfr_putdata(xfr, DNS_DIFFOP_ADD, name, ttl, rdata));
break;
@ -858,7 +858,7 @@ redo:
xfrin_log(xfr, ISC_LOG_NOTICE,
"start and ending SOA records "
"mismatch");
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
}
axfr_commit(xfr);
atomic_store(&xfr->state, XFRST_AXFR_END);
@ -867,7 +867,7 @@ redo:
break;
case XFRST_AXFR_END:
case XFRST_IXFR_END:
CHECK(DNS_R_EXTRADATA);
CLEANUP(DNS_R_EXTRADATA);
break;
default:
UNREACHABLE();
@ -1288,7 +1288,7 @@ xfrin_start(dns_xfrin_t *xfr) {
dns_dispatchmgr_t *dispmgr = dns_view_getdispatchmgr(xfr->view);
if (dispmgr == NULL) {
CHECK(ISC_R_SHUTTINGDOWN);
CLEANUP(ISC_R_SHUTTINGDOWN);
}
primaries_timeout = isc_nm_getprimariestimeout();
@ -1863,7 +1863,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) {
if (msg->counts[DNS_SECTION_QUESTION] > 1) {
xfrin_log(xfr, ISC_LOG_NOTICE, "too many questions (%u)",
msg->counts[DNS_SECTION_QUESTION]);
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
}
if ((atomic_load(&xfr->state) == XFRST_SOAQUERY ||
@ -1871,7 +1871,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) {
msg->counts[DNS_SECTION_QUESTION] != 1)
{
xfrin_log(xfr, ISC_LOG_NOTICE, "missing question section");
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
}
MSG_SECTION_FOREACH(msg, DNS_SECTION_QUESTION, name) {
@ -1882,19 +1882,19 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) {
if (!dns_name_equal(name, &xfr->name)) {
xfrin_log(xfr, ISC_LOG_NOTICE,
"question name mismatch");
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
}
rds = ISC_LIST_HEAD(name->list);
INSIST(rds != NULL);
if (rds->type != xfr->reqtype) {
xfrin_log(xfr, ISC_LOG_NOTICE,
"question type mismatch");
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
}
if (rds->rdclass != xfr->rdclass) {
xfrin_log(xfr, ISC_LOG_NOTICE,
"question class mismatch");
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
}
}
@ -1916,7 +1916,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) {
if (xfr->reqtype == dns_rdatatype_soa &&
(msg->flags & DNS_MESSAGEFLAG_AA) == 0)
{
CHECK(DNS_R_NOTAUTHORITATIVE);
CLEANUP(DNS_R_NOTAUTHORITATIVE);
}
result = dns_message_checksig(msg, xfr->view);
@ -1975,7 +1975,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) {
atomic_load(&xfr->state) == XFRST_AXFR_END ||
atomic_load(&xfr->state) == XFRST_IXFR_END)
{
CHECK(DNS_R_EXPECTEDTSIG);
CLEANUP(DNS_R_EXPECTEDTSIG);
}
}

66
lib/dns/zone.c
View file

@ -2339,7 +2339,7 @@ zone_load(dns_zone_t *zone, unsigned int flags, bool locked) {
if ((flags & DNS_ZONELOADFLAG_THAW) != 0) {
DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_THAW);
}
CHECK(ISC_R_LOADING);
CLEANUP(ISC_R_LOADING);
}
INSIST(zone->db_argc >= 1);
@ -2403,7 +2403,7 @@ zone_load(dns_zone_t *zone, unsigned int flags, bool locked) {
ISC_LOG_DEBUG(1),
"skipping load: master file "
"older than last load");
CHECK(DNS_R_UPTODATE);
CLEANUP(DNS_R_UPTODATE);
}
/*
@ -2453,7 +2453,7 @@ zone_load(dns_zone_t *zone, unsigned int flags, bool locked) {
"DLZ %s does not exist or is set "
"to 'search yes;'",
zone->db_argv[1]);
CHECK(ISC_R_NOTFOUND);
CLEANUP(ISC_R_NOTFOUND);
}
ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_write);
@ -5412,7 +5412,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime,
goto cleanup;
}
if (zone->type == dns_zone_primary && errors != 0) {
CHECK(DNS_R_BADZONE);
CLEANUP(DNS_R_BADZONE);
}
if (zone->type != dns_zone_stub &&
zone->type != dns_zone_redirect)
@ -5423,13 +5423,13 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime,
DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKINTEGRITY) &&
!integrity_checks(zone, db))
{
CHECK(DNS_R_BADZONE);
CLEANUP(DNS_R_BADZONE);
}
if (zone->type == dns_zone_primary &&
DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKDUPRR) &&
!zone_check_dup(zone, db))
{
CHECK(DNS_R_BADZONE);
CLEANUP(DNS_R_BADZONE);
}
if (zone->type == dns_zone_primary) {
@ -5447,7 +5447,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime,
dns_zone_log(zone, ISC_LOG_ERROR,
"'log-report-channel' is set, but no "
"'*._er/TXT' wildcard found");
CHECK(DNS_R_BADZONE);
CLEANUP(DNS_R_BADZONE);
}
CHECK(dns_zone_verifydb(zone, db, NULL));
@ -5493,7 +5493,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime,
"new serial (%u) out of range "
"[%u - %u]",
serial, serialmin, serialmax);
CHECK(DNS_R_BADZONE);
CLEANUP(DNS_R_BADZONE);
} else if (!isc_serial_ge(serial, oldserial)) {
dns_zone_logc(zone, DNS_LOGCATEGORY_ZONELOAD,
ISC_LOG_ERROR,
@ -5578,7 +5578,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime,
default:
UNEXPECTED_ERROR("unexpected zone type %d", zone->type);
CHECK(ISC_R_UNEXPECTED);
CLEANUP(ISC_R_UNEXPECTED);
}
/*
@ -7424,7 +7424,7 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone,
/* Look up the signature in the SKR bundle */
dns_skrbundle_t *bundle = dns_zone_getskrbundle(zone);
if (bundle == NULL) {
CHECK(DNS_R_NOSKRBUNDLE);
CLEANUP(DNS_R_NOSKRBUNDLE);
}
CHECK(dns_skrbundle_getsig(bundle, keys[i], type,
&sig_rdata));
@ -7539,7 +7539,7 @@ zone_resigninc(dns_zone_t *zone) {
* Zone is frozen. Pause for 5 minutes.
*/
if (zone->update_disabled) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read);
@ -7548,7 +7548,7 @@ zone_resigninc(dns_zone_t *zone) {
}
ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read);
if (db == NULL) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
result = dns_db_newversion(db, &version);
@ -8029,7 +8029,7 @@ sign_a_node(dns_db_t *db, dns_zone_t *zone, dns_name_t *name,
/* Look up the signature in the SKR bundle */
dns_skrbundle_t *bundle = dns_zone_getskrbundle(zone);
if (bundle == NULL) {
CHECK(DNS_R_NOSKRBUNDLE);
CLEANUP(DNS_R_NOSKRBUNDLE);
}
CHECK(dns_skrbundle_getsig(bundle, key, rdataset.type,
&rdata));
@ -8719,7 +8719,7 @@ zone_nsec3chain(dns_zone_t *zone) {
* Updates are disabled. Pause for 5 minutes.
*/
if (zone->update_disabled) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read);
@ -14224,7 +14224,7 @@ again:
}
break;
default:
CHECK(ISC_R_NOTIMPLEMENTED);
CLEANUP(ISC_R_NOTIMPLEMENTED);
}
/*
@ -16948,7 +16948,7 @@ receive_secure_db(void *arg) {
LOCK_ZONE(zone);
if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING) || !inline_secure(zone)) {
CHECK(ISC_R_SHUTTINGDOWN);
CLEANUP(ISC_R_SHUTTINGDOWN);
}
loadtime = isc_time_now();
@ -18374,7 +18374,7 @@ dns_zone_forwardupdate(dns_zone_t *zone, dns_message_t *msg,
mr = dns_message_getrawmessage(msg);
if (mr == NULL) {
CHECK(ISC_R_UNEXPECTEDEND);
CLEANUP(ISC_R_UNEXPECTEDEND);
}
isc_buffer_allocate(zone->mctx, &forward->msgbuf, mr->length);
@ -19610,7 +19610,7 @@ zone_signwithkey(dns_zone_t *zone, dst_algorithm_t algorithm, uint16_t keyid,
ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read);
if (db == NULL) {
CHECK(ISC_R_NOTFOUND);
CLEANUP(ISC_R_NOTFOUND);
}
dns_db_attach(db, &signing->db);
@ -20609,7 +20609,7 @@ checkds_send_toaddr(void *arg) {
checkds->zone->view->requestmgr == NULL ||
checkds->zone->db == NULL)
{
CHECK(ISC_R_CANCELED);
CLEANUP(ISC_R_CANCELED);
}
/*
@ -20623,7 +20623,7 @@ checkds_send_toaddr(void *arg) {
dns_zone_log(checkds->zone, ISC_LOG_DEBUG(3),
"checkds: ignoring IPv6 mapped IPV4 address: %s",
addrbuf);
CHECK(ISC_R_CANCELED);
CLEANUP(ISC_R_CANCELED);
}
checkds_createmessage(checkds->zone, &message);
@ -21456,7 +21456,7 @@ zone_rekey(dns_zone_t *zone) {
dnssec_log(zone, ISC_LOG_DEBUG(1),
"zone_rekey:dns_skr_lookup failed: "
"no SKR available");
CHECK(DNS_R_NOSKRFILE);
CLEANUP(DNS_R_NOSKRFILE);
}
bundle = dns_skr_lookup(zone->skr, now, sigval);
zone->skrbundle = bundle;
@ -21477,7 +21477,7 @@ zone_rekey(dns_zone_t *zone) {
"no available SKR bundle for time "
"%.*s (%s)",
(int)r.length, r.base, nowstr);
CHECK(DNS_R_NOSKRBUNDLE);
CLEANUP(DNS_R_NOSKRBUNDLE);
}
zone_apply_skrbundle(zone, bundle, &keyset, &cdsset,
@ -22246,7 +22246,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) {
}
if (empty) {
CHECK(DNS_R_BADCDS);
CLEANUP(DNS_R_BADCDS);
}
CHECK(dns_rdata_tostruct(&crdata, &structcds, NULL));
@ -22307,7 +22307,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) {
&crdata, &dnskey,
&rdata);
if (result != ISC_R_SUCCESS) {
CHECK(DNS_R_BADCDS);
CLEANUP(DNS_R_BADCDS);
}
CHECK(dns_rdata_tostruct(&rdata, &structdnskey,
NULL));
@ -22321,10 +22321,10 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) {
for (i = 0; i < sizeof(algorithms); i++) {
if (delete) {
if (algorithms[i] != notexpected) {
CHECK(DNS_R_BADCDS);
CLEANUP(DNS_R_BADCDS);
}
} else if (algorithms[i] == expected) {
CHECK(DNS_R_BADCDS);
CLEANUP(DNS_R_BADCDS);
}
}
}
@ -22357,7 +22357,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) {
}
if (empty) {
CHECK(DNS_R_BADCDNSKEY);
CLEANUP(DNS_R_BADCDNSKEY);
}
CHECK(dns_rdata_tostruct(&crdata, &structcdnskey,
@ -22389,10 +22389,10 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) {
for (i = 0; i < sizeof(algorithms); i++) {
if (delete) {
if (algorithms[i] != notexpected) {
CHECK(DNS_R_BADCDNSKEY);
CLEANUP(DNS_R_BADCDNSKEY);
}
} else if (algorithms[i] == expected) {
CHECK(DNS_R_BADCDNSKEY);
CLEANUP(DNS_R_BADCDNSKEY);
}
}
}
@ -22797,14 +22797,14 @@ dns_zone_keydone(dns_zone_t *zone, const char *keystr) {
n = sscanf(keystr, "%hu/", &keyid);
if (n == 0U) {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
algstr = strchr(keystr, '/');
if (algstr != NULL) {
algstr++;
} else {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
n = sscanf(algstr, "%u", &alg);
@ -23627,12 +23627,12 @@ dns_zone_setserial(dns_zone_t *zone, uint32_t serial) {
if (!inline_secure(zone)) {
if (!dns_zone_isdynamic(zone, true)) {
CHECK(DNS_R_NOTDYNAMIC);
CLEANUP(DNS_R_NOTDYNAMIC);
}
}
if (zone->update_disabled) {
CHECK(DNS_R_FROZEN);
CLEANUP(DNS_R_FROZEN);
}
sse = isc_mem_get(zone->mctx, sizeof(*sse));

2
lib/isc/interfaceiter.c
View file

@ -170,7 +170,7 @@ isc_interfaceiter_create(isc_mem_t *mctx, isc_interfaceiter_t **iterp) {
strerror_r(errno, strbuf, sizeof(strbuf));
UNEXPECTED_ERROR("getting interface addresses: getifaddrs: %s",
strbuf);
CHECK(ISC_R_UNEXPECTED);
CLEANUP(ISC_R_UNEXPECTED);
}
/*

6
lib/isc/netmgr/tcp.c
View file

@ -720,7 +720,7 @@ isc__nm_tcp_read(isc_nmhandle_t *handle, isc_nm_recv_cb_t cb, void *cbarg) {
}
if (isc__nmsocket_closing(sock)) {
CHECK(ISC_R_CANCELED);
CLEANUP(ISC_R_CANCELED);
}
if (!sock->reading_throttled) {
@ -912,7 +912,7 @@ accept_connection(isc_nmsocket_t *csock) {
* isc__nm_tcp_close() can't handle uninitalized TCP nmsocket.
*/
if (isc__nmsocket_closing(csock)) {
CHECK(ISC_R_CANCELED);
CLEANUP(ISC_R_CANCELED);
}
r = uv_accept(&csock->server->uv_handle.stream,
@ -936,7 +936,7 @@ accept_connection(isc_nmsocket_t *csock) {
* it has expired. We cannot do anything better than
* drop it on the floor at this point.
*/
CHECK(ISC_R_TIMEDOUT);
CLEANUP(ISC_R_TIMEDOUT);
} else {
/* Adjust the initial read timeout accordingly */
csock->read_timeout -= time_elapsed_ms;

4
lib/isccfg/aclconf.c
View file

@ -689,7 +689,7 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx,
transports = isc_nm_httpsocket;
encrypted = false;
} else {
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
}
@ -880,7 +880,7 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx,
cfg_obj_log(ce, ISC_LOG_WARNING,
"address match list contains "
"unsupported element type");
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
/*

2
lib/isccfg/check.c
View file

@ -4900,7 +4900,7 @@ check_trust_anchor(const cfg_obj_t *key, unsigned int *flagsp) {
* We can't interpret the trust anchor, so
* we skip all other checks.
*/
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
UNREACHABLE();
}

22
lib/isccfg/kaspconf.c
View file

@ -155,7 +155,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp,
"allowed when offline-ksk "
"is enabled");
}
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
key->role |= DNS_KASP_KEY_ROLE_KSK;
key->role |= DNS_KASP_KEY_ROLE_ZSK;
@ -177,14 +177,14 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp,
"not exist",
keydir);
}
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
} else if (result != ISC_R_SUCCESS) {
if (log_errors) {
cfg_obj_log(obj, ISC_LOG_ERROR,
"dnssec-policy: bad keystore %s",
keydir);
}
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
INSIST(key->keystore != NULL);
@ -221,7 +221,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp,
"takes to "
"do a rollover");
}
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
}
@ -236,7 +236,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp,
"dnssec-policy: bad algorithm %s",
alg.base);
}
CHECK(DNS_R_BADALG);
CLEANUP(DNS_R_BADALG);
}
if (check_algorithms && isc_crypto_fips_mode() &&
(key->algorithm == DST_ALG_RSASHA1 ||
@ -249,7 +249,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp,
"in FIPS mode",
alg.base);
}
CHECK(DNS_R_BADALG);
CLEANUP(DNS_R_BADALG);
}
if (check_algorithms &&
@ -261,7 +261,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp,
"supported",
alg.base);
}
CHECK(DNS_R_BADALG);
CLEANUP(DNS_R_BADALG);
}
switch (key->algorithm) {
@ -306,7 +306,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp,
"key length %u",
alg.base, size);
}
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
break;
case DST_ALG_ECDSA256:
@ -340,7 +340,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp,
"dnssec-policy: tag-min "
"too big");
}
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
obj = cfg_tuple_get(tagrange, "tag-max");
tag_max = cfg_obj_asuint32(obj);
@ -350,7 +350,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp,
"dnssec-policy: tag-max "
"too big");
}
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
if (tag_min >= tag_max) {
if (log_errors) {
@ -358,7 +358,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp,
"dnssec-policy: tag-min >= "
"tag_max");
}
CHECK(ISC_R_RANGE);
CLEANUP(ISC_R_RANGE);
}
key->tag_min = tag_min;
key->tag_max = tag_max;

10
lib/isccfg/namedconf.c
View file

@ -1802,7 +1802,7 @@ parse_dtout(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) {
} else {
cfg_parser_error(pctx, CFG_LOG_NEAR,
"unexpected token");
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
} else {
break;
@ -1974,7 +1974,7 @@ cfg_parse_kv_tuple(cfg_parser_t *pctx, const cfg_type_t *type,
if (f->name == NULL) {
cfg_parser_error(pctx, 0, "unexpected '%s'",
TOKEN_STRING(pctx));
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
if (obj->value.tuple[fn] == NULL &&
strcasecmp(f->name, TOKEN_STRING(pctx)) == 0)
@ -3162,7 +3162,7 @@ parse_sizeval(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) {
CHECK(cfg_gettoken(pctx, 0));
if (pctx->token.type != isc_tokentype_string) {
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
CHECK(parse_unitstring(TOKEN_STRING(pctx), &val));
@ -3191,7 +3191,7 @@ parse_sizeval_percent(cfg_parser_t *pctx, const cfg_type_t *type,
CHECK(cfg_gettoken(pctx, 0));
if (pctx->token.type != isc_tokentype_string) {
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
percent = strtoull(TOKEN_STRING(pctx), &endp, 10);
@ -3344,7 +3344,7 @@ parse_maybe_optional_keyvalue(cfg_parser_t *pctx, const cfg_type_t *type,
} else {
cfg_parser_error(pctx, CFG_LOG_NEAR, "expected '%s'",
kw->name);
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
}

28
lib/isccfg/parser.c
View file

@ -1330,7 +1330,7 @@ cfg_parse_duration(cfg_parser_t *pctx, const cfg_type_t *type ISC_ATTR_UNUSED,
CHECK(cfg_gettoken(pctx, 0));
if (pctx->token.type != isc_tokentype_string) {
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
return parse_duration(pctx, ret);
@ -1351,7 +1351,7 @@ cfg_parse_duration_or_unlimited(cfg_parser_t *pctx,
CHECK(cfg_gettoken(pctx, 0));
if (pctx->token.type != isc_tokentype_string) {
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
if (strcmp(TOKEN_STRING(pctx), "unlimited") == 0) {
@ -2391,7 +2391,7 @@ cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) {
CHECK(parse_semicolon(pctx));
if (includename->value.string.length == 0) {
CHECK(ISC_R_FILENOTFOUND);
CLEANUP(ISC_R_FILENOTFOUND);
}
/*
@ -2405,14 +2405,14 @@ cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) {
case 0:
break;
case GLOB_NOMATCH:
CHECK(ISC_R_FILENOTFOUND);
CLEANUP(ISC_R_FILENOTFOUND);
break;
case GLOB_NOSPACE:
CHECK(ISC_R_NOMEMORY);
CLEANUP(ISC_R_NOMEMORY);
break;
default:
if (errno == 0) {
CHECK(ISC_R_IOERROR);
CLEANUP(ISC_R_IOERROR);
}
CHECK(isc_errno_toresult(errno));
}
@ -2461,7 +2461,7 @@ cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) {
cfg_parser_error(pctx, 0,
"option '%s' no longer exists",
clause->name);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
if ((pctx->flags & CFG_PCTX_ALLCONFIGS) == 0 &&
(clause->flags & CFG_CLAUSEFLAG_NOTCONFIGURED) != 0)
@ -2470,7 +2470,7 @@ cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) {
"option '%s' was not "
"enabled at compile time",
clause->name);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
if ((pctx->flags & CFG_PCTX_BUILTIN) == 0 &&
(clause->flags & CFG_CLAUSEFLAG_BUILTINONLY) != 0)
@ -2993,7 +2993,7 @@ parse_token(cfg_parser_t *pctx, const cfg_type_t *type ISC_ATTR_UNUSED,
CHECK(cfg_gettoken(pctx, CFG_LEXOPT_QSTRING));
if (pctx->token.type == isc_tokentype_eof) {
cfg_ungettoken(pctx);
CHECK(ISC_R_EOF);
CLEANUP(ISC_R_EOF);
}
isc_lex_getlasttokentext(pctx->lexer, &pctx->token, &r);
@ -3048,7 +3048,7 @@ parse_unsupported(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) {
if (pctx->token.type == isc_tokentype_eof || braces < 0) {
cfg_parser_error(pctx, CFG_LOG_NEAR,
"unexpected token");
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
CHECK(cfg_parse_listelt(pctx, listobj, &cfg_type_token, &elt));
@ -3492,21 +3492,21 @@ parse_sockaddrsub(cfg_parser_t *pctx, const cfg_type_t *type, int flags,
if (have_address != 1) {
cfg_parser_error(pctx, 0, "expected exactly one address");
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
if (!is_port_ok && have_port > 0) {
cfg_parser_error(pctx, 0, "subconfig 'port' no longer exists");
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
if (have_port > 1) {
cfg_parser_error(pctx, 0, "expected at most one port");
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
if (have_tls > 1) {
cfg_parser_error(pctx, 0, "expected at most one tls");
CHECK(ISC_R_UNEXPECTEDTOKEN);
CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
cfg_obj_create(pctx->mctx, cfg_parser_currentfile(pctx), pctx->line,

4
lib/ns/hooks.c
View file

@ -150,7 +150,7 @@ load_plugin(isc_mem_t *mctx, const char *modpath, ns_plugin_t **pluginp) {
ISC_LOG_ERROR,
"failed to dlopen() plugin '%s': %s", modpath,
errmsg);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
CHECK(load_symbol(&plugin->handle, modpath, "plugin_version",
@ -164,7 +164,7 @@ load_plugin(isc_mem_t *mctx, const char *modpath, ns_plugin_t **pluginp) {
ISC_LOG_ERROR,
"plugin API version mismatch: %d/%d", version,
NS_PLUGIN_VERSION);
CHECK(ISC_R_FAILURE);
CLEANUP(ISC_R_FAILURE);
}
CHECK(load_symbol(&plugin->handle, modpath, "plugin_check",

16
lib/ns/update.c
View file

@ -1638,7 +1638,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) {
}
result = dns_zone_checknames(zone, name, &rdata);
if (result != ISC_R_SUCCESS) {
CHECK(DNS_R_REFUSED);
CLEANUP(DNS_R_REFUSED);
}
if ((options & DNS_ZONEOPT_CHECKSVCB) != 0 &&
rdata.type == dns_rdatatype_svcb)
@ -1666,7 +1666,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) {
update_log(client, zone, ISC_LOG_WARNING,
"update RR has incorrect class %d",
update_class);
CHECK(DNS_R_FORMERR);
CLEANUP(DNS_R_FORMERR);
}
/*
@ -1795,7 +1795,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) {
isc_result_totext(result));
ns_stats_increment(client->manager->sctx->nsstats,
ns_statscounter_updatequota);
CHECK(DNS_R_DROP);
CLEANUP(DNS_R_DROP);
}
uev = isc_mem_get(client->manager->mctx, sizeof(*uev));
@ -2245,7 +2245,7 @@ check_dnssec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db,
if (!dns_zone_check_dnskey_nsec3(zone, db, ver, diff, NULL, 0)) {
update_log(client, zone, ISC_LOG_ERROR,
"NSEC only DNSKEYs and NSEC3 chains not allowed");
CHECK(DNS_R_REFUSED);
CLEANUP(DNS_R_REFUSED);
}
/* Verify NSEC3 params */
@ -2253,7 +2253,7 @@ check_dnssec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db,
if (iterations > dns_nsec3_maxiterations()) {
update_log(client, zone, ISC_LOG_ERROR,
"too many NSEC3 iterations (%u)", iterations);
CHECK(DNS_R_REFUSED);
CLEANUP(DNS_R_REFUSED);
}
cleanup:
@ -3145,7 +3145,7 @@ update_action(void *arg) {
update_log(client, zone, LOGLEVEL_PROTOCOL,
"update rejected: post update name server "
"sanity check failed");
CHECK(DNS_R_REFUSED);
CLEANUP(DNS_R_REFUSED);
}
}
if (!ISC_LIST_EMPTY(diff.tuples) && is_signing) {
@ -3154,7 +3154,7 @@ update_action(void *arg) {
update_log(client, zone, LOGLEVEL_PROTOCOL,
"update rejected: bad %s RRset",
result == DNS_R_BADCDS ? "CDS" : "CDNSKEY");
CHECK(DNS_R_REFUSED);
CLEANUP(DNS_R_REFUSED);
}
CHECK(result);
}
@ -3228,7 +3228,7 @@ update_action(void *arg) {
"records in zone (%" PRIu64
") exceeds max-records (%u)",
records, maxrecords);
CHECK(DNS_R_TOOMANYRECORDS);
CLEANUP(DNS_R_TOOMANYRECORDS);
}
}

2
lib/ns/xfrout.c
View file

@ -1501,7 +1501,7 @@ sendstream(xfrout_ctx_t *xfr) {
"(%d bytes)",
size);
/* XXX DNS_R_RRTOOLARGE? */
CHECK(ISC_R_NOSPACE);
CLEANUP(ISC_R_NOSPACE);
}
break;
}